public class UploadServlet3 extends HttpServlet {    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {        doGet(request, response);    }    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {        //檢測form是否是multipart/form-data類型的        boolean isMultipart = ServletFileUpload.isMultipartContent(request);        if (!isMultipart) {            throw new RuntimeException("The form's enctype attribute value must be multipart/form-data");        }        //解析請求內容        DiskFileItemFactory factory = new DiskFileItemFactory();    //產生FileItem的工廠        ServletFileUpload sfu = new ServletFileUpload(factory);        List<FileItem> items = new ArrayList<FileItem>();        try {            items = sfu.parseRequest(request);        } catch (FileUploadException e) {            throw new RuntimeException("解析請求失敗");        }        //遍歷:        for (FileItem item : items) {            //處理普通字段            if (item.isFormField()) {                processFormField(item);            } else {                //處理上傳字段                processUploadField(item);            }        }    }    protected void processUploadField(FileItem item) {        try {            InputStream in = item.getInputStream();            //找一個存放文件的位置;存放的文件名            String fileName = item.getName();   //上傳的文件的文件名            if (fileName != null) {                fileName = FilenameUtils.getName(fileName);            }其中：        //存放路徑        String realPath = getServletContext().getRealPath("/WEB-INF/files");        在部署到tomcat中后，并沒有發現上傳后的文件在WEB-INF目錄下，這樣不就不能保證服務器端的安全嗎？反而是在項目根目錄下發現的。