34 lines
810 B
Plaintext
34 lines
810 B
Plaintext
include::../description.adoc[]
|
|
|
|
== Noncompliant Code Example
|
|
|
|
[source,java]
|
|
----
|
|
public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
|
|
|
if (ServletFileUpload.isMultipartContent(request)) {
|
|
|
|
FileItemFactory factory = new DiskFileItemFactory();
|
|
ServletFileUpload upload = new ServletFileUpload(factory); // Noncompliant
|
|
// ...
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
* https://wiki.sei.cmu.edu/confluence/display/java/IDS56-J.+Prevent+arbitrary+file+upload[CERT, IDS56-J.] - Prevent arbitrary file upload
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|