diff --git a/src/zabapgit_object_w3xx.prog.abap b/src/zabapgit_object_w3xx.prog.abap
index 220515c02..d480c2259 100644
--- a/src/zabapgit_object_w3xx.prog.abap
+++ b/src/zabapgit_object_w3xx.prog.abap
@@ -38,6 +38,10 @@ CLASS lcl_object_w3super DEFINITION INHERITING FROM lcl_objects_super ABSTRACT.
CHANGING ct_params TYPE ty_wwwparams_tt
RAISING lcx_exception.
+ METHODS patch_filename
+ CHANGING ct_params TYPE ty_wwwparams_tt
+ RAISING lcx_exception.
+
ENDCLASS. "lcl_object_W3SUPER DEFINITION
*----------------------------------------------------------------------*
@@ -144,6 +148,9 @@ CLASS lcl_object_w3super IMPLEMENTATION.
lv_size = ls_wwwparam-value.
+ " Remove file path (for security concerns)
+ patch_filename( CHANGING ct_params = lt_w3params ).
+
CASE ms_key-relid.
WHEN 'MI'.
CALL FUNCTION 'SCMS_BINARY_TO_XSTRING'
@@ -387,6 +394,21 @@ CLASS lcl_object_w3super IMPLEMENTATION.
ENDMETHOD. " patch_size.
+ METHOD patch_filename.
+
+ FIELD-SYMBOLS LIKE LINE OF ct_params.
+
+ READ TABLE ct_params ASSIGNING WITH KEY name = 'filename'.
+
+ IF sy-subrc > 0.
+ lcx_exception=>raise( |W3xx: Cannot find file name for { ms_key-objid }| ).
+ ENDIF.
+
+ " Remove path
+ -value = lcl_path=>get_filename_from_syspath( |{ -value }| ).
+
+ ENDMETHOD. " patch_filename.
+
METHOD lif_object~compare_to_remote_version.
CREATE OBJECT ro_comparison_result TYPE lcl_null_comparison_result.
ENDMETHOD.
diff --git a/src/zabapgit_unit_test.prog.abap b/src/zabapgit_unit_test.prog.abap
index 2dabe4cd0..9ff966597 100644
--- a/src/zabapgit_unit_test.prog.abap
+++ b/src/zabapgit_unit_test.prog.abap
@@ -1676,6 +1676,7 @@ CLASS ltcl_path DEFINITION
METHODS split_file_location FOR TESTING.
METHODS is_subdir FOR TESTING.
METHODS change_dir FOR TESTING.
+ METHODS get_filename_from_syspath FOR TESTING.
ENDCLASS. "ltcl_path
@@ -1794,6 +1795,30 @@ CLASS ltcl_path IMPLEMENTATION.
ENDMETHOD.
+ METHOD get_filename_from_syspath.
+
+ DATA lv_filename TYPE string.
+
+ lv_filename = lcl_path=>get_filename_from_syspath( 'file.txt' ).
+ assert_equals( act = lv_filename exp = 'file.txt' ).
+
+ lv_filename = lcl_path=>get_filename_from_syspath( 'c:\dir\file.txt' ).
+ assert_equals( act = lv_filename exp = 'file.txt' ).
+
+ lv_filename = lcl_path=>get_filename_from_syspath( 'c:\file.txt' ).
+ assert_equals( act = lv_filename exp = 'file.txt' ).
+
+ lv_filename = lcl_path=>get_filename_from_syspath( '/dir/file.txt' ).
+ assert_equals( act = lv_filename exp = 'file.txt' ).
+
+ lv_filename = lcl_path=>get_filename_from_syspath( '/file.txt' ).
+ assert_equals( act = lv_filename exp = 'file.txt' ).
+
+ lv_filename = lcl_path=>get_filename_from_syspath( '\\server$\file.txt' ).
+ assert_equals( act = lv_filename exp = 'file.txt' ).
+
+ ENDMETHOD. " get_filename_from_syspath.
+
ENDCLASS. "ltcl_path
CLASS ltcl_file_status DEFINITION
diff --git a/src/zabapgit_util.prog.abap b/src/zabapgit_util.prog.abap
index 98700dbbe..282848d42 100644
--- a/src/zabapgit_util.prog.abap
+++ b/src/zabapgit_util.prog.abap
@@ -360,6 +360,10 @@ CLASS lcl_path DEFINITION FINAL.
iv_cd TYPE string
RETURNING VALUE(rv_path) TYPE string.
+ CLASS-METHODS get_filename_from_syspath
+ IMPORTING iv_path TYPE string
+ RETURNING VALUE(rv_filename) TYPE string.
+
ENDCLASS. "lcl_path
CLASS lcl_path IMPLEMENTATION.
@@ -434,6 +438,15 @@ CLASS lcl_path IMPLEMENTATION.
ENDMETHOD. "change_dir
+ METHOD get_filename_from_syspath.
+
+ " filename | c:\filename | /dir/filename | \\server\filename
+ FIND FIRST OCCURRENCE OF REGEX '^(?:/(?:.+/)*|(?:\w:|\\)\\(?:.+\\)*)?([^\\/]+)$'
+ IN iv_path
+ SUBMATCHES rv_filename.
+
+ ENDMETHOD. " get_filename_from_syspath.
+
ENDCLASS. "lcl_path
*----------------------------------------------------------------------*