Modify S2083(java): Improve the compliant sample (#3472)

SonarSource · Nov 30, 2023 · f0db71d · f0db71d
1 parent 7cb81aa
commit f0db71d
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/rules/S2083/java/how-to-fix-it/java-se.adoc b/rules/S2083/java/how-to-fix-it/java-se.adoc
@@ -31,15 +31,15 @@ public class ExampleController
 @Controller
 public class ExampleController
 {
-    static private String targetDirectory = "/path/to/target/directory/";
+    private static String targetDirectory = "/path/to/target/directory/";
+    private static Path targetPath        = new File(targetDirectory).toPath().normalize();
 
     @GetMapping(value = "/delete")
     public void delete(@RequestParam("filename") String filename) throws IOException {
 
-        File file = new File(targetDirectory + filename);
-        String canonicalDestinationPath = file.getCanonicalPath();
+        File file = new File(targetPath + filename);
 
-        if (!canonicalDestinationPath.startsWith(targetDirectory)) {
+        if (!file.toPath().normalize().startsWith(targetPath)) {
             throw new IOException("Entry is outside of the target directory");
         }