Mirrors/Stirling-PDF
Mirrors/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Frooodle/Stirling-PDF.git synced 2025-10-25 11:17:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Sanitized user-provided file names in HTTP multipart uploads

Browse Source
This commit is contained in:
pixeebot[bot] 2024-02-01 23:48:27 +00:00
parent c8481fdbef
commit c8dfe10a7c
38 changed files with 83 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/stirling/software/SPDF/controller/api/MultiPageLayoutController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.awt.Color;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@ -136,6 +137,6 @@ public class MultiPageLayoutController {
byte[] result = baos.toByteArray();
return WebResponseUtils.bytesToWebResponse(
result,
file.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_layoutChanged.pdf");
Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_layoutChanged.pdf");
}
}

3
src/main/java/stirling/software/SPDF/controller/api/PdfOverlayController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
@ -75,7 +76,7 @@ public class PdfOverlayController {
overlay.overlay(overlayGuide).save(outputStream);
byte[] data = outputStream.toByteArray();
String outputFilename =
baseFile.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(baseFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_overlayed.pdf"; // Remove file extension and append .pdf
return WebResponseUtils.bytesToWebResponse(

5
src/main/java/stirling/software/SPDF/controller/api/RearrangePagesPDFController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
@ -57,7 +58,7 @@ public class RearrangePagesPDFController {
}
return WebResponseUtils.pdfDocToWebResponse(
document,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_removed_pages.pdf");
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_removed_pages.pdf");
}
private List<Integer> removeFirst(int totalPages) {
@ -211,7 +212,7 @@ public class RearrangePagesPDFController {
return WebResponseUtils.pdfDocToWebResponse(
document,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_rearranged.pdf");
} catch (IOException e) {
logger.error("Failed rearranging documents", e);

3
src/main/java/stirling/software/SPDF/controller/api/RotationController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import org.apache.pdfbox.Loader;
@ -49,6 +50,6 @@ public class RotationController {
return WebResponseUtils.pdfDocToWebResponse(
document,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_rotated.pdf");
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_rotated.pdf");
}
}

3
src/main/java/stirling/software/SPDF/controller/api/ScalePagesController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashMap;
@ -112,6 +113,6 @@ public class ScalePagesController {
return WebResponseUtils.bytesToWebResponse(
baos.toByteArray(),
file.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_scaled.pdf");
Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_scaled.pdf");
}
}

3
src/main/java/stirling/software/SPDF/controller/api/SplitPDFController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.file.Files;
@ -83,7 +84,7 @@ public class SplitPDFController {
Path zipFile = Files.createTempFile("split_documents", ".zip");
String filename = file.getOriginalFilename().replaceFirst("[.][^.]+$", "");
String filename = Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "");
try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {
// loop through the split documents and write them to the zip file
for (int i = 0; i < splitDocumentsBoas.size(); i++) {

3
src/main/java/stirling/software/SPDF/controller/api/SplitPdfBySectionsController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.file.Files;
@ -64,7 +65,7 @@ public class SplitPdfBySectionsController {
sourceDocument.close();
Path zipFile = Files.createTempFile("split_documents", ".zip");
String filename = file.getOriginalFilename().replaceFirst("[.][^.]+$", "");
String filename = Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "");
byte[] data;
try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {

3
src/main/java/stirling/software/SPDF/controller/api/SplitPdfBySizeController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.file.Files;
@ -120,7 +121,7 @@ public class SplitPdfBySizeController {
sourceDocument.close();
Path zipFile = Files.createTempFile("split_documents", ".zip");
String filename = file.getOriginalFilename().replaceFirst("[.][^.]+$", "");
String filename = Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "");
byte[] data;
try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {

3
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertBookToPDFController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.ResponseEntity;
@ -43,7 +44,7 @@ public class ConvertBookToPDFController {
throw new IllegalArgumentException("Please provide a file for conversion.");
}
String originalFilename = fileInput.getOriginalFilename();
String originalFilename = Filenames.toSimpleFileName(fileInput.getOriginalFilename());
if (originalFilename != null) {
String originalFilenameLower = originalFilename.toLowerCase();

3
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertHtmlToPDF.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.ResponseEntity;
@ -39,7 +40,7 @@ public class ConvertHtmlToPDF {
"Please provide an HTML or ZIP file for conversion.");
}
String originalFilename = fileInput.getOriginalFilename();
String originalFilename = Filenames.toSimpleFileName(fileInput.getOriginalFilename());
if (originalFilename == null
|| (!originalFilename.endsWith(".html") && !originalFilename.endsWith(".zip"))) {
throw new IllegalArgumentException("File must be either .html or .zip format.");

3
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertImgPDFController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import java.net.URLConnection;
@ -56,7 +57,7 @@ public class ConvertImgPDFController {
// returns bytes for image
boolean singleImage = singleOrMultiple.equals("single");
byte[] result = null;
String filename = file.getOriginalFilename().replaceFirst("[.][^.]+$", "");
String filename = Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "");
try {
result =
PdfUtils.convertFromPdf(

3
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertMarkdownToPdf.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import java.util.List;
import java.util.Map;
@ -48,7 +49,7 @@ public class ConvertMarkdownToPdf {
throw new IllegalArgumentException("Please provide a Markdown file for conversion.");
}
String originalFilename = fileInput.getOriginalFilename();
String originalFilename = Filenames.toSimpleFileName(fileInput.getOriginalFilename());
if (originalFilename == null || !originalFilename.endsWith(".md")) {
throw new IllegalArgumentException("File must be in .md format.");
}

5
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertOfficeController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
@ -31,7 +32,7 @@ public class ConvertOfficeController {
public byte[] convertToPdf(MultipartFile inputFile) throws IOException, InterruptedException {
// Check for valid file extension
String originalFilename = inputFile.getOriginalFilename();
String originalFilename = Filenames.toSimpleFileName(inputFile.getOriginalFilename());
if (originalFilename == null
|| !isValidFileExtension(FilenameUtils.getExtension(originalFilename))) {
throw new IllegalArgumentException("Invalid file extension");
@ -89,7 +90,7 @@ public class ConvertOfficeController {
byte[] pdfByteArray = convertToPdf(inputFile);
return WebResponseUtils.bytesToWebResponse(
pdfByteArray,
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_convertedToPDF.pdf");
}
}

3
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertPDFToBookController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
@ -92,7 +93,7 @@ public class ConvertPDFToBookController {
}
String outputFilename =
fileInput.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(fileInput.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "."
+ outputFormat; // Remove file extension and append .pdf

3
src/main/java/stirling/software/SPDF/controller/api/converters/ConvertPDFToPDFA.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.converters;
import io.github.pixee.security.Filenames;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
@ -63,7 +64,7 @@ public class ConvertPDFToPDFA {
// Return the optimized PDF as a response
String outputFilename =
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_PDFA.pdf";
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_PDFA.pdf";
return WebResponseUtils.bytesToWebResponse(pdfBytes, outputFilename);
}
}

5
src/main/java/stirling/software/SPDF/controller/api/filters/FilterController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.filters;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import org.apache.pdfbox.Loader;
@ -43,7 +44,7 @@ public class FilterController {
PDDocument pdfDocument = Loader.loadPDF(inputFile.getBytes());
if (PdfUtils.hasText(pdfDocument, pageNumber, text))
return WebResponseUtils.pdfDocToWebResponse(
pdfDocument, inputFile.getOriginalFilename());
pdfDocument, Filenames.toSimpleFileName(inputFile.getOriginalFilename()));
return null;
}
@ -60,7 +61,7 @@ public class FilterController {
PDDocument pdfDocument = Loader.loadPDF(inputFile.getBytes());
if (PdfUtils.hasImages(pdfDocument, pageNumber))
return WebResponseUtils.pdfDocToWebResponse(
pdfDocument, inputFile.getOriginalFilename());
pdfDocument, Filenames.toSimpleFileName(inputFile.getOriginalFilename()));
return null;
}

3
src/main/java/stirling/software/SPDF/controller/api/misc/AutoRenameController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Comparator;
@ -133,7 +134,7 @@ public class AutoRenameController {
return WebResponseUtils.pdfDocToWebResponse(document, header + ".pdf");
} else {
logger.info("File has no good title to be found");
return WebResponseUtils.pdfDocToWebResponse(document, file.getOriginalFilename());
return WebResponseUtils.pdfDocToWebResponse(document, Filenames.toSimpleFileName(file.getOriginalFilename()));
}
}
}

3
src/main/java/stirling/software/SPDF/controller/api/misc/AutoSplitPdfController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.awt.image.BufferedImage;
import java.awt.image.DataBufferByte;
import java.awt.image.DataBufferInt;
@ -97,7 +98,7 @@ public class AutoSplitPdfController {
document.close();
Path zipFile = Files.createTempFile("split_documents", ".zip");
String filename = file.getOriginalFilename().replaceFirst("[.][^.]+$", "");
String filename = Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "");
byte[] data;
try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {

3
src/main/java/stirling/software/SPDF/controller/api/misc/BlankPageController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.nio.file.Files;
@ -131,7 +132,7 @@ public class BlankPageController {
return WebResponseUtils.pdfDocToWebResponse(
document,
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_blanksRemoved.pdf");
} catch (IOException e) {
e.printStackTrace();

3
src/main/java/stirling/software/SPDF/controller/api/misc/CompressController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.awt.Image;
import java.awt.image.BufferedImage;
import java.io.ByteArrayInputStream;
@ -264,7 +265,7 @@ public class CompressController {
// Return the optimized PDF as a response
String outputFilename =
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_Optimized.pdf";
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_Optimized.pdf";
return WebResponseUtils.bytesToWebResponse(pdfBytes, outputFilename);
}
}

3
src/main/java/stirling/software/SPDF/controller/api/misc/ExtractImagesController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.awt.Graphics2D;
import java.awt.Image;
import java.awt.image.BufferedImage;
@ -66,7 +67,7 @@ public class ExtractImagesController {
zos.setLevel(Deflater.BEST_COMPRESSION);
int imageIndex = 1;
String filename = file.getOriginalFilename().replaceFirst("[.][^.]+$", "");
String filename = Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "");
int pageNum = 0;
Set<Integer> processedImages = new HashSet<>();
// Iterate over each page

3
src/main/java/stirling/software/SPDF/controller/api/misc/FakeScanControllerWIP.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.awt.Color;
import java.awt.geom.AffineTransform;
import java.awt.image.AffineTransformOp;
@ -141,7 +142,7 @@ public class FakeScanControllerWIP {
// Return the optimized PDF as a response
String outputFilename =
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_scanned.pdf";
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_scanned.pdf";
return WebResponseUtils.boasToWebResponse(baos, outputFilename);
}
}

3
src/main/java/stirling/software/SPDF/controller/api/misc/MetadataController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
@ -164,6 +165,6 @@ public class MetadataController {
document.setDocumentInformation(info);
return WebResponseUtils.pdfDocToWebResponse(
document,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_metadata.pdf");
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_metadata.pdf");
}
}

5
src/main/java/stirling/software/SPDF/controller/api/misc/OCRController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
@ -182,12 +183,12 @@ public class OCRController {
// Return the OCR processed PDF as a response
String outputFilename =
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_OCR.pdf";
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_OCR.pdf";
if (sidecar != null && sidecar) {
// Create a zip file containing both the PDF and the text file
String outputZipFilename =
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_OCR.zip";
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_OCR.zip";
Path tempZipFile = Files.createTempFile("output_", ".zip");
try (ZipOutputStream zipOut =

3
src/main/java/stirling/software/SPDF/controller/api/misc/OverlayImageController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import org.slf4j.Logger;
@ -44,7 +45,7 @@ public class OverlayImageController {
return WebResponseUtils.bytesToWebResponse(
result,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_overlayed.pdf");
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_overlayed.pdf");
} catch (IOException e) {
logger.error("Failed to add image to PDF", e);
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);

5
src/main/java/stirling/software/SPDF/controller/api/misc/PageNumbersController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.List;
@ -93,7 +94,7 @@ public class PageNumbersController {
.replace("{total}", String.valueOf(document.getNumberOfPages()))
.replace(
"{filename}",
file.getOriginalFilename()
Filenames.toSimpleFileName(file.getOriginalFilename())
.replaceFirst("[.][^.]+$", ""))
: String.valueOf(pageNumber);
@ -145,7 +146,7 @@ public class PageNumbersController {
return WebResponseUtils.bytesToWebResponse(
baos.toByteArray(),
file.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_numbersAdded.pdf",
Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_numbersAdded.pdf",
MediaType.APPLICATION_PDF);
}
}

3
src/main/java/stirling/software/SPDF/controller/api/misc/RepairController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
@ -65,7 +66,7 @@ public class RepairController {
// Return the optimized PDF as a response
String outputFilename =
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_repaired.pdf";
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_repaired.pdf";
return WebResponseUtils.bytesToWebResponse(pdfBytes, outputFilename);
}
}

3
src/main/java/stirling/software/SPDF/controller/api/misc/ShowJavascript.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.nio.charset.StandardCharsets;
import java.util.Map;
@ -54,7 +55,7 @@ public class ShowJavascript {
script +=
"// File: "
+ inputFile.getOriginalFilename()
+ Filenames.toSimpleFileName(inputFile.getOriginalFilename())
+ ", Script: "
+ name
+ "\n"

3
src/main/java/stirling/software/SPDF/controller/api/misc/StampController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.misc;
import io.github.pixee.security.Filenames;
import java.awt.Color;
import java.awt.image.BufferedImage;
import java.io.File;
@ -127,7 +128,7 @@ public class StampController {
return WebResponseUtils.pdfDocToWebResponse(
document,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_watermarked.pdf");
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_watermarked.pdf");
}
private void addTextStamp(

3
src/main/java/stirling/software/SPDF/controller/api/pipeline/PipelineProcessor.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.pipeline;
import io.github.pixee.security.Filenames;
import io.github.pixee.security.ZipSecurity;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
@ -334,7 +335,7 @@ public class PipelineProcessor {
new ByteArrayResource(file.getBytes()) {
@Override
public String getFilename() {
return file.getOriginalFilename();
return Filenames.toSimpleFileName(file.getOriginalFilename());
}
};
outputFiles.add(fileResource);

3
src/main/java/stirling/software/SPDF/controller/api/security/CertSignController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.security;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@ -123,7 +124,7 @@ public class CertSignController {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
sign(pdf.getBytes(), baos, createSignature, name, location, reason);
return WebResponseUtils.boasToWebResponse(
baos, pdf.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_signed.pdf");
baos, Filenames.toSimpleFileName(pdf.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_signed.pdf");
}
private static void sign(

7
src/main/java/stirling/software/SPDF/controller/api/security/PasswordController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.security;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import org.apache.pdfbox.Loader;
@ -43,7 +44,7 @@ public class PasswordController {
document.setAllSecurityToBeRemoved(true);
return WebResponseUtils.pdfDocToWebResponse(
document,
fileInput.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(fileInput.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_password_removed.pdf");
}
@ -88,10 +89,10 @@ public class PasswordController {
if ("".equals(ownerPassword) && "".equals(password))
return WebResponseUtils.pdfDocToWebResponse(
document,
fileInput.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(fileInput.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_permissions.pdf");
return WebResponseUtils.pdfDocToWebResponse(
document,
fileInput.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_passworded.pdf");
Filenames.toSimpleFileName(fileInput.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_passworded.pdf");
}
}

3
src/main/java/stirling/software/SPDF/controller/api/security/RedactController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.security;
import io.github.pixee.security.Filenames;
import java.awt.Color;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
@ -104,7 +105,7 @@ public class RedactController {
byte[] pdfContent = baos.toByteArray();
return WebResponseUtils.bytesToWebResponse(
pdfContent,
file.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_redacted.pdf");
Filenames.toSimpleFileName(file.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_redacted.pdf");
}
private void redactFoundText(

3
src/main/java/stirling/software/SPDF/controller/api/security/SanitizeController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.security;
import io.github.pixee.security.Filenames;
import java.io.IOException;
import org.apache.pdfbox.Loader;
@ -76,7 +77,7 @@ public class SanitizeController {
return WebResponseUtils.pdfDocToWebResponse(
document,
inputFile.getOriginalFilename().replaceFirst("[.][^.]+$", "")
Filenames.toSimpleFileName(inputFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "")
+ "_sanitized.pdf");
}
}

3
src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.controller.api.security;
import io.github.pixee.security.Filenames;
import java.awt.Color;
import java.awt.image.BufferedImage;
import java.io.File;
@ -104,7 +105,7 @@ public class WatermarkController {
return WebResponseUtils.pdfDocToWebResponse(
document,
pdfFile.getOriginalFilename().replaceFirst("[.][^.]+$", "") + "_watermarked.pdf");
Filenames.toSimpleFileName(pdfFile.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_watermarked.pdf");
}
private void addTextWatermark(

3
src/main/java/stirling/software/SPDF/utils/PDFToFile.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.utils;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
@ -32,7 +33,7 @@ public class PDFToFile {
}
// Get the original PDF file name without the extension
String originalPdfFileName = inputFile.getOriginalFilename();
String originalPdfFileName = Filenames.toSimpleFileName(inputFile.getOriginalFilename());
String pdfBaseName = originalPdfFileName.substring(0, originalPdfFileName.lastIndexOf('.'));
// Validate output format

3
src/main/java/stirling/software/SPDF/utils/PdfUtils.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.utils;
import io.github.pixee.security.Filenames;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.awt.image.RenderedImage;
@ -299,7 +300,7 @@ public class PdfUtils {
try (PDDocument doc = new PDDocument()) {
for (MultipartFile file : files) {
String contentType = file.getContentType();
String originalFilename = file.getOriginalFilename();
String originalFilename = Filenames.toSimpleFileName(file.getOriginalFilename());
if (originalFilename != null
&& (originalFilename.toLowerCase().endsWith(".tiff")
|| originalFilename.toLowerCase().endsWith(".tif"))) {

3
src/main/java/stirling/software/SPDF/utils/WebResponseUtils.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.utils;
import io.github.pixee.security.Filenames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.net.URLEncoder;
@ -26,7 +27,7 @@ public class WebResponseUtils {
public static ResponseEntity<byte[]> multiPartFileToWebResponse(MultipartFile file)
throws IOException {
String fileName = file.getOriginalFilename();
String fileName = Filenames.toSimpleFileName(file.getOriginalFilename());
MediaType mediaType = MediaType.parseMediaType(file.getContentType());
byte[] bytes = file.getBytes();