## How To Prevent Directory Traversal Attacks

Avoid passing user-supplied input to filesystem APIs
- If this isn't possible, do the following:
	§ Application should validate user input before processing it by being compared to an allow list
	§ Append input to base directory and use platform filesystem API to canonicalize the path
 
- Sample code that does this:`
```
File file = new File(BASE_DIRECTORY,
userInput);
if
(file.getCanonicalPath().startsWith(BASE_DIRE
CTORY)) {
// process file
}
```