Update Javadoc of FilePart#filename

See gh-26299
This commit is contained in:
Rossen Stoyanchev
2021-01-07 11:26:00 +00:00
parent a1cf6bbc37
commit 138f6bfd84
2 changed files with 11 additions and 3 deletions

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -33,6 +33,14 @@ public interface FilePart extends Part {
/**
* Return the original filename in the client's filesystem.
* <p><strong>Note:</strong> Please keep in mind this filename is supplied
* by the client and should not be used blindly. In addition to not using
* the directory portion, the file name could also contain characters such
* as ".." and others that can be used maliciously.
* @return the original filename, or the empty String if no file has been chosen
* in the multipart form, or {@code null} if not defined or not available
* @see <a href="https://tools.ietf.org/html/rfc7578#section-4.2">RFC 7578, Section 4.2</a>
* @see <a href="https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload">Unrestricted File Upload</a>
*/
String filename();

View File

@@ -55,13 +55,13 @@ public interface MultipartFile extends InputStreamSource {
* but it typically will not with any other than Opera.
* <p><strong>Note:</strong> Please keep in mind this filename is supplied
* by the client and should not be used blindly. In addition to not using
* the directory portion, the file name could also contain characters * such
* the directory portion, the file name could also contain characters such
* as ".." and others that can be used maliciously.
* @return the original filename, or the empty String if no file has been chosen
* in the multipart form, or {@code null} if not defined or not available
* @see org.apache.commons.fileupload.FileItem#getName()
* @see org.springframework.web.multipart.commons.CommonsMultipartFile#setPreserveFilename
* @see <a href="https://tools.ietf.org/html/rfc7578#section-4.2">RFC 7578, Section 3.4</a>
* @see <a href="https://tools.ietf.org/html/rfc7578#section-4.2">RFC 7578, Section 4.2</a>
* @see <a href="https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload">Unrestricted File Upload</a>
*/
@Nullable