Package ninja
Class AssetsControllerHelper
- java.lang.Object
-
- ninja.AssetsControllerHelper
-
public class AssetsControllerHelper extends Object
-
-
Constructor Summary
Constructors Constructor Description AssetsControllerHelper()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanisDirectoryURL(URL url)Check the URL is a directory.StringnormalizePathWithoutLeadingSlash(String fileName, boolean enforceUnixSeparator)If we get - for whatever reason - a relative URL like assets/../conf/application.conf we expand that to the "real" path.
-
-
-
Method Detail
-
normalizePathWithoutLeadingSlash
public String normalizePathWithoutLeadingSlash(String fileName, boolean enforceUnixSeparator)
If we get - for whatever reason - a relative URL like assets/../conf/application.conf we expand that to the "real" path. In the above case conf/application.conf. You should then add the assets prefix. Otherwise someone can create an attack and read all resources of our app. If we expand and normalize the incoming path this is no longer possible.- Parameters:
fileName- A potential "fileName"enforceUnixSeparator- If true it will force the usage of the unix separator '/' If false it will use the separator of the underlying system. usually '/' in case of unix and '\' in case of windows.- Returns:
- A normalized fileName.
-
isDirectoryURL
public boolean isDirectoryURL(URL url)
Check the URL is a directory. With war style deployment, AssetsController exposes the file list of assets directories. For example, a request to http://localhost:8080/assets/css/ displays the file list of css directory. So this method checks the URL is a directory.- Parameters:
url- A URL of assets- Returns:
- true if the URL is a directory
-
-