!95 optimize

Merge pull request !95 from 开源海哥/master

src/main/java/com/jfinal/core/JFinalFilter.java

@@ -134,27 +134,11 @@ public class JFinalFilter implements Filter {
 		log = Log.getLog(JFinalFilter.class);
 	}
 	
-	boolean isJsp(String t) {
-		char c;
-		int end = t.length() - 1;
-		
-		if ( (end > 3) && ((c = t.charAt(end)) == 'x' || c == 'X') ) {
-			end--;
+	boolean isJsp(String target) {
+		int lastIndexOf = target.lastIndexOf(".");
+		if (lastIndexOf > -1) {
+			return target.substring(lastIndexOf).toLowerCase().startsWith(".jsp");
 		}
-		
-		if ( (end > 2) && ((c = t.charAt(end)) == 'p' || c == 'P') ) {
-			end--;
-			if ( (end > 1) && ((c = t.charAt(end)) == 's' || c == 'S') ) {
-				end--;
-				if ( (end > 0) && ((c = t.charAt(end)) == 'j' || c == 'J') ) {
-					end--;
-					if ( (end > -1) && ((c = t.charAt(end)) == '.') ) {
-						return true;
-					}
-				}
-			}
-		}
-		
 		return false;
 	}
 }

src/main/java/com/jfinal/upload/MultipartRequest.java

@@ -37,7 +37,21 @@ public class MultipartRequest extends HttpServletRequestWrapper {
 	private static String baseUploadPath;
 	private static long maxPostSize;
 	private static String encoding;
-	static FileRenamePolicy fileRenamePolicy = new DefaultFileRenamePolicy();
+	static FileRenamePolicy fileRenamePolicy = new DefaultFileRenamePolicy(){
+		@Override
+		public File rename(File f) {
+			String name = f.getName();
+			int lastIndexOf = name.lastIndexOf(".");
+			if (lastIndexOf > -1) {
+				String suffix = name.substring(lastIndexOf).toLowerCase().trim();
+				if (".jsp".equals(suffix) || ".jspx".equals(suffix)) {
+					File safeFile = new File(f.getParentFile(), name + "_unsafe");
+					return super.rename(safeFile);
+				}
+			}
+			return super.rename(f);
+		}
+	};
 	
 	private List<UploadFile> uploadFiles;
 	private com.oreilly.servlet.MultipartRequest multipartRequest;