[HttpFoundation] Sanitize uploaded file original name
This commit is contained in:
parent
f8cc8a7deb
commit
dccac192d6
@ -82,7 +82,7 @@ class UploadedFile extends File
|
|||||||
}
|
}
|
||||||
|
|
||||||
$this->path = realpath($path);
|
$this->path = realpath($path);
|
||||||
$this->originalName = $originalName;
|
$this->originalName = basename($originalName);
|
||||||
$this->mimeType = $mimeType ?: 'application/octet-stream';
|
$this->mimeType = $mimeType ?: 'application/octet-stream';
|
||||||
$this->size = $size;
|
$this->size = $size;
|
||||||
$this->error = $error ?: UPLOAD_ERR_OK;
|
$this->error = $error ?: UPLOAD_ERR_OK;
|
||||||
|
@ -77,6 +77,19 @@ class UploadedFileTest extends \PHPUnit_Framework_TestCase
|
|||||||
null
|
null
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->assertEquals('test.gif', $file->getName());
|
$this->assertEquals('original.gif', $file->getOriginalName());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testGetOriginalNameSanitizeFilename()
|
||||||
|
{
|
||||||
|
$file = new UploadedFile(
|
||||||
|
__DIR__.'/Fixtures/test.gif',
|
||||||
|
'../../original.gif',
|
||||||
|
'image/gif',
|
||||||
|
filesize(__DIR__.'/Fixtures/test.gif'),
|
||||||
|
null
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertEquals('original.gif', $file->getOriginalName());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user