.net 确保路径不为';我不能上一层楼
我想确保.net 确保路径不为';我不能上一层楼,.net,validation,path,.net,Validation,Path,我想确保relativePath不会通过basePath进入文件夹。有没有可靠的方法来检测这一点 string basePath = "/myfolder/"; string relativePath; // Invalid relativePath = "../foo"; relativePath = "subfolder/../../bar"; // Valid, but if too hard this can also be invalid relativePath = "subfo
relativePathbasePathstring basePath = "/myfolder/";
string relativePath;
// Invalid
relativePath = "../foo";
relativePath = "subfolder/../../bar";
// Valid, but if too hard this can also be invalid
relativePath = "subfolder/../subfolder2";
// Valid
relativePath = "subfolder/another..folder/";
relativePath = "subfolder/..anotherFolder/";
// There may be ways to circumvent that I haven't thought of...
// Maybe some of these would work
relativePath = " ../";
relativePath = ".. /";
// fullPath should not be above basePath
string fullPath = basePath + relativePath;
Path.GetFullPath(basePath + relativePath).StartsWith(basePath)
virtualPath.GetFullPath()。/string basePath = "/myFolder/";
string relativePath = "whatever_user_inputs";
string basePathRooted = Path.GetFullPath(basePath);
string relativePathRooted = Path.GetFullPath(relativePath);
if (!relativePathRooted.StartsWith(basePathRooted))
//Fail
string basePath = "/myFolder/";
string relativePath = "whatever_user_inputs";
string basePathRooted = Path.GetFullPath(basePath);
string relativePathRooted = Path.GetFullPath(relativePath);
if (!relativePathRooted.StartsWith(basePathRooted))
//Fail
所以
basePathRooted==“C:\myFolder”relativeApprooted==“C:\ProgramFiles(x86)\Microsoft Visual Studio 9.0\Common7\IDE\which\u user\u input”string relativepathoted=Path.GetFullPath(basePath+relativePath)basePathPath.GetFullPath(relativePath).StartsWith(Path.GetFullPath(“.”)basePathRooted==“C:\myFolder”RelativeApprothoted==“C:\Program Files(x86)\Microsoft Visual Studio 9.0\Common7\IDE\which\u user\u input”string relativepathoted=Path.GetFullPath(basePath+relativePath)basePathPath.GetFullPath(relativePath).StartsWith(Path.GetFullPath(“.”)