StaticjoinStaticjoinThis method requires that the path to a directory or file is real and exists.
This method is not safe. Use this instead of path.join(...) directly when you cannot confine a user to a base
directory. It is best to avoid using user input directly for constructing paths. If you must use user input, it is
recommended to use PathEx.safeJoinWithBaseDirConfinement(...) to join paths.
For more information see: https://owasp.org/www-community/attacks/Path_Traversal
The paths to join
StaticrealThis method requires that the path to a directory or file is real and exists.
This method is not safe unless a literal is used as the parameter.
StaticresolveResolves the given paths. This is a wrapper around path.resolve. It is recommended to only use this when you are dealing with part of a path that is not a complete path reference on its own.
This method is not safe unless literals are used as parameters. Use this instead of path.resolve(...) directly when you cannot confine a user to a base directory.
For more information see: https://owasp.org/www-community/attacks/Path_Traversal
StaticsafeSecurely joins paths while preventing path traversal attacks. Requires that the base directory is real and exists. This method requires that the path to a directory or file is real and exists.
The base directory to enforce
The paths to join
The safely joined path.
Joins the given paths. This is a wrapper around path.join. It is recommended to only use this when you are dealing with part of a path that is not a complete path reference on its own.
This method is not safe unless literals are used as parameters. Use this instead of path.join(...) directly when you cannot confine a user to a base directory. It is best to avoid using user input directly for constructing paths. If you must use user input, it is recommended to use
PathEx.safeJoinWithBaseDirConfinement(...)to join paths.For more information see: https://owasp.org/www-community/attacks/Path_Traversal