473,732 Members | 2,146 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Combine root and path.

I need a bullet proof way to combine a root and a relative path to form a FQ
rooted path (similar to a VDir in IIS). Path.Combine alone will not do the
job in all cases. I also need to be sure the no funny business can go on in
the passed "path" that would produce a path not in the root (i.e.
"..\..\dir1 "). Here is my first stab at it, but not sure if this is too
much or not enouph to ensure this. Any thoughts are welcome. TIA.

/// <summary>
/// Combines the root and path to ensure the path always relative to
the root and not below it or in some other root.
/// This does not check if the resulting path exists or if access is
allowed.
/// Path can not contain ".." anywhere in the path. Path can not be
rooted, it must be a relative path.
/// </summary>
/// <param name="root"></param>
/// <param name="path"></param>
/// <returns></returns>
public static string CombineRootAndP ath(string root, string path)
{
// Path can not be rooted. Must be realitive.
// Path can not contain ".." anywhere.
if ( root == null )
return null;
if ( path == null )
return null;
if ( ! Path.IsPathRoot ed(root) )
return null;
if ( root.EndsWith(@ "\"))
root = root + @"\";
path = path.Trim();
if ( Path.IsPathRoot ed(path) )
return null;
string fullPath = Path.Combine(ro ot, path);
// Final test to make sure nothing unexpected in path would
Combine
// to produce something outside the root.
if ( ! fullPath.Starts With(root) )
return null;
if ( path.Contains(" ..") )
return null;
return fullPath;
}

--
William Stacey [MVP]

Nov 17 '05 #1
1 5851
Removed "if ( root.EndsWith)"

public static string CombineRootAndP ath(string root, string path)
{
// Path can not be rooted. Must be realitive.
// Path can not contain ".." anywhere.
if ( root == null )
return null;
if ( path == null )
return null;
try
{
if ( !Path.IsPathRoo ted(root) )
return null;
}
catch
{
return null;
}
//if ( root.EndsWith(@ "\"))
// root = root + @"\";
path = path.Trim();
try
{
if ( Path.IsPathRoot ed(path) )
return null;
}
catch
{
return null;
}
string fullPath = Path.Combine(ro ot, path);
// Final test to make sure nothing unexpected in path would
Combine
// to produce something outside the root.
if ( ! fullPath.Starts With(root) )
return null;
if ( path.Contains(" ..") )
return null;
return fullPath;
}

--
William Stacey [MVP]

Nov 17 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
5
2215
How to find the root of a CD in Linux
by: Jonathan | last post by:
I am creating a CD-ROM based website template. Things work fine under Windows but when I try to run the site under Linux the path is messed up. Therefore my JavaScript functions misinterpret the root to be the root of the filesystem instead of the root of the cd. Any cd I make will need to run on Windows and Linux systems and the filesystems and the way the cd's are mounted are always different. For example: Windows root path for a...
Javascript
3
2719
Combine Forms Authentication with Windows
by: Nick | last post by:
I am working a new application...well actually a series of applications for my company. They want internal users to be able to go to a site and everything regarding security is transparent, however we will have brokers and customers that also need to connect and will require a username and password. In this case we were going to store their credentials in a SQL database. Internal users will have the ability to access the same resources...
.NET Framework
4
7857
Root Relative Path
by: Win, Pats | last post by:
I have a snippet of HTML that I inject into a number of pages throughout my Web site at runtime. My problem is that I'm not getting the image to appear in all documents into which this snippet is injected. If I specify a document-relative path (e.g., src="../someFolder/AnotherFolder/TheGraphic.gif"), then it works fine, but only for documents that exist at the level in the directory structure. I thought I could use a root-relative...
ASP.NET
2
2304
Root Relative Path Injected as String Variable
by: Jordan Richard | last post by:
Put another way, is there any way I can tell ASP.NET to convert a path (imbedded in a string variable, "~/images/some_image.gif") to a root-relative path, that the client will understand, for the *current* page request? Here's what I'm doing: I am injecting HTML directly into ASPX pages via LiteralControl. something like this...
ASP.NET
3
1704
how do I point the root to be a sub web
by: Nalaka | last post by:
Hi, I have an asp.net web application (www.myWebSite), and a subweb application (www.myWebSite/subSite). How do I set it so that, subweb application (www.myWebSite/subSite) be the root application..... so that, when a user types www.myWebSite/subSite, it actualy, shows pages off subweb.
ASP.NET
9
6650
The data at the root level is invalid exception
by: MR | last post by:
I get the following Exception "The data at the root level is invalid. Line 1, position 642" whenever I try to deserialize an incoming SOAP message. The incoming message is formed well and its length is 642 bytes ( I have appended it to the end of this message). I suspect that the reason may have something to do with an incorrect declaration of which class to de-serialize to. In the attached code I substituted @@@@@@@ in the code below with...
.NET Framework
0
1006
Is possible to combine handle_data and regular expressions?
by: ProvoWallis | last post by:
Hi, I've experimented with regular expressions to solve my problems in the past but I have seen so many comments about HTMLParser and sgmllib that I thought I would try a different approach this time so I tried using HTMLParser. I want to search through my SGML file for various strings of text and find out what section they're in. What I have here does this to a certain extent but I was wondering if I could make handle_data and
Python
15
6468
Any downside to root-relative paths?
by: Lars Eighner | last post by:
Aside from the deaths of a few extra electrons to spell out the whole root relative path, is there any down side? It seems to me that theoretically it shouldn't make any difference, and it would make it much easier to slap modualar blocks of markup into page frameworks, which may change and so forth. And the few extra bytes, which even for a fairly large site would not amount to as many bytes as are in a fairly small low-res image, should...
HTML / CSS
6
8617
Problem with System.IO.Path.Combine()
by: madankarmukta | last post by:
HI, I am getting problem while combining the path "c:" and "File1.txt".The .Net's Path.Combine('c:","File1.txt") merely returns c:File1.txt hence Path.combine(string path) always retuen false , though file exists in the drive.Can anybody tell me what may b the remeady over this? Thanks!
.NET Framework
0
8944
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9180
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
8186
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
6733
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6030
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
4548
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
4805
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
2
2721
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2177
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us