添加下载路径限制

src/com/ejweb/core/conf/SecurityPropertyPlaceholderConfigurer.java

@@ -79,6 +79,7 @@ public class SecurityPropertyPlaceholderConfigurer extends PropertyPlaceholderCo
 
     public static void main(String[] args) {
         System.out.println(DES3Utils.encrypt("foctest", CONF_DESC_KEY));
-        System.out.println(DES3Utils.decrypt("69872b2310ba9b30470ce46682151021e825c3909c394aa5f4387123bdbfa67e", CONF_DESC_KEY));
+        System.out.println(DES3Utils.decrypt("35824f37e331a42e669a52e248d88ffb6474030c906ec914", CONF_DESC_KEY));
+        System.out.println(DES3Utils.decrypt("6f2237c231b1464c6474030c906ec914", CONF_DESC_KEY));
     }
 }

src/com/ejweb/modules/upload/api/UploadController.java

@@ -38,11 +38,10 @@ import java.util.List;
 import java.util.Map;
 
 /**
- * @team IT Team
  * @author renmb
  * @version 1.0
+ * @team IT Team
  * @time 2016-03-22
- *
  */
 @Controller
 @RequestMapping(value = "/api/upload")
@@ -54,12 +53,12 @@ public class UploadController {
 
     /**
      * 使用BASE64上传文件
-     * 
-     * @author renmb
-     * @time 2016年11月1日
+     *
      * @param request
      * @param requestBean
      * @return
+     * @author renmb
+     * @time 2016年11月1日
      */
     @ResponseBody
     @RequestMapping("/base64")
@@ -135,7 +134,7 @@ public class UploadController {
     @ResponseBody
     @RequestMapping("/files")
     public ResponseBean files(HttpServletRequest request, @RequestParam("file") CommonsMultipartFile[] files,
-            RequestBean requestBean) {
+                              RequestBean requestBean) {
 
         ResponseBean responseBean = new ResponseBean();
         List<UploadFileBean> uploadFiles = null;
@@ -279,12 +278,16 @@ public class UploadController {
     @RequestMapping("download")
     public void download(RequestBean requestBean, HttpServletResponse response, HttpServletRequest request) throws JsonParseException, JsonMappingException, IOException {
 
-      FileBean bean = requestBean.getObjectBean(FileBean.class);
+        FileBean bean = requestBean.getObjectBean(FileBean.class);
         // File baseUploadDir = new File(GConstants.FILE_UPLOAD_DIR, filepath);
         InputStream in = null;
         OutputStream out = null;
         try {
-          
+            if (bean.getPath() != null) {
+                if (bean.getPath().indexOf("../") != -1) {
+                    return;
+                }
+            }
             // 设置文件MIME类型
             response.setContentType("application/form-data;charset=utf-8");
             // String downloadFileName=Encodes.urlEncode(bean.getName());
@@ -294,16 +297,16 @@ public class UploadController {
                 downloadFileName = "=?UTF-8?B?" + (new String(Base64.encodeBase64(bean.getName().getBytes("UTF-8"))))
                         + "?=";
             } /*
-               * else{ downloadFileName = URLDecoder.decode(bean.getName(),
-               * "UTF-8"); }
-               */
+             * else{ downloadFileName = URLDecoder.decode(bean.getName(),
+             * "UTF-8"); }
+             */
             // 设置Content-Disposition
             response.setHeader("Content-Disposition", "attachment; filename=\"" + downloadFileName + "\"");
             // 获取目标文件的绝对路径
 //            String fullFileName = GConstants.FILE_UPLOAD_DIR + bean.getPath();
             File downloadFile = new File(GConstants.FILE_UPLOAD_DIR, bean.getPath());
-            LOG.error("文件下载地址："+downloadFile.getAbsolutePath());
-            System.out.println("文件下载地址："+downloadFile.getAbsolutePath());
+            LOG.error("文件下载地址：" + downloadFile.getAbsolutePath());
+            System.out.println("文件下载地址：" + downloadFile.getAbsolutePath());
             // 读取文件
             in = new FileInputStream(downloadFile);
             out = response.getOutputStream();
@@ -323,8 +326,8 @@ public class UploadController {
             IOUtils.closeQuietly(out);
         }
     }
-    
-//    public static String GetImageStr(String imgFile)  
+
+    //    public static String GetImageStr(String imgFile)
 //    {//将图片文件转化为字节数组字符串，并对其进行Base64编码处理  
 ////        String imgFile = "d://test.jpg";//待处理的图片  
 //        InputStream in = null;  
@@ -400,12 +403,12 @@ public class UploadController {
     @RequestMapping("/verifFile")
     public ResponseBean verifFile(HttpServletRequest request, RequestBean requestBean) {
         ResponseBean responseBean = new ResponseBean();
-        String stream=request.getParameter("fileStream");
-        String filePath=request.getParameter("filePath");
-        String fileDir=request.getParameter("fileDir");
+        String stream = request.getParameter("fileStream");
+        String filePath = request.getParameter("filePath");
+        String fileDir = request.getParameter("fileDir");
         ByteArrayInputStream bais = null;
         FileOutputStream ostream = null;
-        try{
+        try {
             byte buf[] = stream.getBytes("utf-8");
             bais = new ByteArrayInputStream(buf);
             POIFSFileSystem poifs = new POIFSFileSystem();
@@ -413,12 +416,11 @@ public class UploadController {
             directory.createDocument("WordDocument", bais);
 
             // 文件保存地址
-            File uploadFilePath = new File(GConstants.FILE_UPLOAD_DIR,filePath);
-            if(uploadFilePath.exists())
-            {
+            File uploadFilePath = new File(GConstants.FILE_UPLOAD_DIR, filePath);
+            if (uploadFilePath.exists()) {
                 return responseBean;
             }
-            File baseUploadDir = new File(GConstants.FILE_UPLOAD_DIR,fileDir);
+            File baseUploadDir = new File(GConstants.FILE_UPLOAD_DIR, fileDir);
             if (!baseUploadDir.exists()) {// 如果文件夹不存在则创建
                 baseUploadDir.mkdirs();
             }
@@ -434,6 +436,6 @@ public class UploadController {
         responseBean.setStatus(ErrorCode.STATUS_CODE_2000);
         responseBean.setMessage(GConstants.OK);
         return responseBean;
-       
+
     }
 }