kwin commented on code in PR #23:
URL:
https://github.com/apache/sling-org-apache-sling-engine/pull/23#discussion_r915526562
##########
src/main/java/org/apache/sling/engine/impl/request/RequestData.java:
##########
@@ -763,4 +767,34 @@ public SlingHttpServletRequest createRequest(RequestData
requestData, HttpServle
private static interface SlingHttpServletRequestFactory {
SlingHttpServletRequest createRequest(RequestData requestData,
HttpServletRequest request);
}
+
+ /*
+ * Traverses the path segment wise and checks
+ * if there is any path with only dots (".")
+ * skipping SKIPPED_TRAVERSAL_CHARS characters in segment.
+ */
+ private static boolean traversesParentPath(String path) {
+ int index = 0;
+ while(index < path.length()) {
Review Comment:
space after while missing
##########
src/main/java/org/apache/sling/engine/impl/request/RequestData.java:
##########
@@ -763,4 +767,34 @@ public SlingHttpServletRequest createRequest(RequestData
requestData, HttpServle
private static interface SlingHttpServletRequestFactory {
SlingHttpServletRequest createRequest(RequestData requestData,
HttpServletRequest request);
}
+
+ /*
+ * Traverses the path segment wise and checks
+ * if there is any path with only dots (".")
+ * skipping SKIPPED_TRAVERSAL_CHARS characters in segment.
+ */
+ private static boolean traversesParentPath(String path) {
+ int index = 0;
+ while(index < path.length()) {
+ int charCount = 0;
+ int dotCount = 0;
+ // count dots (".") and total chars in each path segment (between
two '/')
+ while(index < path.length() && path.charAt(index) != '/') {
Review Comment:
same here
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
