You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@velocity.apache.org by jo...@locus.apache.org on 2000/12/11 20:42:51 UTC
cvs commit: jakarta-velocity/src/java/org/apache/velocity/runtime/loader FileTemplateLoader.java
jon 00/12/11 11:42:50
Modified: src/java/org/apache/velocity/runtime/loader
FileTemplateLoader.java
Log:
various cleanup
added support for normalizing the path
Revision Changes Path
1.11 +14 -1 jakarta-velocity/src/java/org/apache/velocity/runtime/loader/FileTemplateLoader.java
Index: FileTemplateLoader.java
===================================================================
RCS file: /home/cvs/jakarta-velocity/src/java/org/apache/velocity/runtime/loader/FileTemplateLoader.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- FileTemplateLoader.java 2000/11/16 02:03:28 1.10
+++ FileTemplateLoader.java 2000/12/11 19:42:48 1.11
@@ -64,6 +64,7 @@
import org.apache.velocity.Template;
import org.apache.velocity.runtime.Runtime;
+import org.apache.velocity.util.StringUtils;
/**
* This is a simple template file loader.
@@ -71,7 +72,7 @@
* That'll change once we decide how we want to do configuration
*
* @author Dave Bryson
- * $Revision: 1.10 $
+ * $Revision: 1.11 $
*/
public class FileTemplateLoader extends TemplateLoader
{
@@ -105,6 +106,13 @@
throw new Exception ("Need to specify a file name or file path!");
}
+ name = StringUtils.normalizePath(name);
+ if ( name == null || name.length() == 0 )
+ {
+ throw new Exception ("#include() error : argument " + name +
+ " contains .. and may be trying to access " +
+ "content outside of template root. Rejected.");
+ }
File file = new File( templatePath, name );
if ( file.canRead() )
{
@@ -136,6 +144,11 @@
return true;
}
+ /**
+ Get the last modified date
+
+ @return the last modified datestamp of the Template
+ */
public long getLastModified(Template t)
{
File file = new File(templatePath, t.getName());