diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/file/LocalFileRepository.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/file/LocalFileRepository.java index 3969a1dcc3..4cebee74b9 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/file/LocalFileRepository.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/file/LocalFileRepository.java @@ -57,6 +57,7 @@ public class LocalFileRepository implements FileRepository { @Override public void deleteFolder(FileRequest request) throws Exception { + MsFileUtils.validateFileName(request.getProjectId(), request.getFileName()); this.delete(request); } @@ -81,10 +82,12 @@ public class LocalFileRepository implements FileRepository { } private String getFilePath(FileRequest request) { + MsFileUtils.validateFileName(request.getProjectId(), request.getFileName()); return StringUtils.join(getFileDir(request), "/", request.getFileName()); } private String getFileDir(FileRequest request) { + MsFileUtils.validateFileName(request.getProjectId(), request.getFileName()); return StringUtils.join(MsFileUtils.DATE_ROOT_DIR, "/", request.getProjectId()); } } diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/MsFileUtils.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/MsFileUtils.java index 37399e00ad..949287b0a9 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/MsFileUtils.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/MsFileUtils.java @@ -14,7 +14,7 @@ public class MsFileUtils { public static void validateFileName(String... fileNames) { if (fileNames != null) { for (String fileName : fileNames) { - if (StringUtils.isNotEmpty(fileName) && StringUtils.contains(fileName, "." + File.separator)) { + if (StringUtils.isNotBlank(fileName) && StringUtils.contains(fileName, "." + File.separator)) { throw new MSException(Translator.get("invalid_parameter")); } }