Class PathSecurityRule
java.lang.Object
dev.jcputney.elearning.parser.validators.rules.common.PathSecurityRule
- All Implemented Interfaces:
ValidationRule<Scorm12Manifest>
Validates that all file paths in the manifest are safe and don't contain directory traversal
patterns, absolute paths, or external references.
Security Requirements:
- No path traversal (../ or ..\)
- No absolute paths (/path or C:\path)
- No external URLs (http://, https://, //)
- No null bytes or control characters
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionHuman-readable name of this rule for logging and debugging.Specification reference for traceability and documentation.validate(Scorm12Manifest manifest) Validates the manifest according to this rule.
-
Constructor Details
-
PathSecurityRule
public PathSecurityRule()
-
-
Method Details
-
getRuleName
Description copied from interface:ValidationRuleHuman-readable name of this rule for logging and debugging.- Specified by:
getRuleNamein interfaceValidationRule<Scorm12Manifest>- Returns:
- Rule name (e.g., "Resource Reference Validation")
-
getSpecReference
Description copied from interface:ValidationRuleSpecification reference for traceability and documentation. Used to trace validation back to spec requirements.- Specified by:
getSpecReferencein interfaceValidationRule<Scorm12Manifest>- Returns:
- Spec reference (e.g., "SCORM 1.2 CAM Section 2.3.4")
-
validate
Description copied from interface:ValidationRuleValidates the manifest according to this rule.- Specified by:
validatein interfaceValidationRule<Scorm12Manifest>- Parameters:
manifest- The manifest to validate (must not be null)- Returns:
- ValidationResult with any issues found (never null)
-