[HttpFoundation] Sanitize uploaded file original name
This commit is contained in:
parent
f8cc8a7deb
commit
dccac192d6
@ -82,7 +82,7 @@ class UploadedFile extends File
|
||||
}
|
||||
|
||||
$this->path = realpath($path);
|
||||
$this->originalName = $originalName;
|
||||
$this->originalName = basename($originalName);
|
||||
$this->mimeType = $mimeType ?: 'application/octet-stream';
|
||||
$this->size = $size;
|
||||
$this->error = $error ?: UPLOAD_ERR_OK;
|
||||
|
@ -77,6 +77,19 @@ class UploadedFileTest extends \PHPUnit_Framework_TestCase
|
||||
null
|
||||
);
|
||||
|
||||
$this->assertEquals('test.gif', $file->getName());
|
||||
$this->assertEquals('original.gif', $file->getOriginalName());
|
||||
}
|
||||
|
||||
public function testGetOriginalNameSanitizeFilename()
|
||||
{
|
||||
$file = new UploadedFile(
|
||||
__DIR__.'/Fixtures/test.gif',
|
||||
'../../original.gif',
|
||||
'image/gif',
|
||||
filesize(__DIR__.'/Fixtures/test.gif'),
|
||||
null
|
||||
);
|
||||
|
||||
$this->assertEquals('original.gif', $file->getOriginalName());
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user