final File fileFromEnvVariable;
if (!Strings.isNullOrEmpty(propDirectoryFromEnvVariable)) {
fileFromEnvVariable = Paths.get(propDirectoryFromEnvVariable).resolve(filename).toFile();
- if(PathValidator.isValidFilePath(fileFromEnvVariable.getAbsolutePath()) && fileFromEnvVariable.exists()) {
+ if(PathValidator.isValidPropertiesPath(fileFromEnvVariable.getAbsolutePath()) && fileFromEnvVariable.exists()) {
return Optional.of(fileFromEnvVariable);
}
}
public class PathValidator {
public static boolean isValidXmlPath(String path) {
- Pattern allowList = Pattern.compile("[-\\w/\\/]+\\.xml$");
+ Pattern allowList = Pattern.compile("[-.\\w/\\/]+\\.xml$");
return (allowList.matcher(path).matches());
}
public static boolean isValidPropertiesPath(String path) {
- Pattern allowList = Pattern.compile("[-\\w/\\/]+\\.properties$");
+ Pattern allowList = Pattern.compile("[-.\\w/\\/]+\\.properties$");
return (allowList.matcher(path).matches());
}
public static boolean isValidFilePath(String path) {
- Pattern allowList = Pattern.compile("[-\\w/\\/]+");
+ Pattern allowList = Pattern.compile("[-.\\w/\\/]+$");
return (allowList.matcher(path).matches());
}
}