Merge pull request #6713 from owncloud/files-filenameescapingfixes
Fixed various file name escaping issues in core apps
This commit is contained in:
Lukas Reschke
commit
85e00ad35a
|
|
@ -222,6 +222,14 @@ $(document).ready(function() {
|
|||
|
||||
//examine file
|
||||
var file = data.files[0];
|
||||
try {
|
||||
// FIXME: not so elegant... need to refactor that method to return a value
|
||||
Files.isFileNameValid(file.name);
|
||||
}
|
||||
catch (errorMessage) {
|
||||
data.textStatus = 'invalidcharacters';
|
||||
data.errorThrown = errorMessage;
|
||||
}
|
||||
|
||||
if (file.type === '' && file.size === 4096) {
|
||||
data.textStatus = 'dirorzero';
|
||||
|
|
@ -605,7 +613,7 @@ $(document).ready(function() {
|
|||
if (result.status === 'success') {
|
||||
var date=new Date();
|
||||
FileList.addDir(name, 0, date, hidden);
|
||||
var tr=$('tr[data-file="'+name+'"]');
|
||||
var tr = FileList.findFileEl(name);
|
||||
tr.attr('data-id', result.data.id);
|
||||
} else {
|
||||
OC.dialogs.alert(result.data.message, t('core', 'Could not create folder'));
|
||||
|
|
@ -647,7 +655,7 @@ $(document).ready(function() {
|
|||
$('#uploadprogressbar').fadeOut();
|
||||
var date = new Date();
|
||||
FileList.addFile(localName, size, date, false, hidden);
|
||||
var tr = $('tr[data-file="'+localName+'"]');
|
||||
var tr = FileList.findFileEl(localName);
|
||||
tr.data('mime', mime).data('id', id);
|
||||
tr.attr('data-id', id);
|
||||
var path = $('#dir').val()+'/'+localName;
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ var FileActions = {
|
|||
FileActions.currentFile = parent;
|
||||
var actions = FileActions.get(FileActions.getCurrentMimeType(), FileActions.getCurrentType(), FileActions.getCurrentPermissions());
|
||||
var file = FileActions.getCurrentFile();
|
||||
if ($('tr[data-file="'+file+'"]').data('renaming')) {
|
||||
if (FileList.findFileEl(file).data('renaming')) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,6 +6,13 @@ var FileList={
|
|||
$(this).attr('data-file',decodeURIComponent($(this).attr('data-file')));
|
||||
});
|
||||
},
|
||||
/**
|
||||
* Returns the tr element for a given file name
|
||||
*/
|
||||
findFileEl: function(fileName){
|
||||
// use filterAttr to avoid escaping issues
|
||||
return $('#fileList tr').filterAttr('data-file', fileName);
|
||||
},
|
||||
update:function(fileListHtml) {
|
||||
var $fileList = $('#fileList');
|
||||
$fileList.empty().html(fileListHtml);
|
||||
|
|
@ -292,8 +299,9 @@ var FileList={
|
|||
$('#filestable').toggleClass('hidden', show);
|
||||
},
|
||||
remove:function(name){
|
||||
$('tr').filterAttr('data-file',name).find('td.filename').draggable('destroy');
|
||||
$('tr').filterAttr('data-file',name).remove();
|
||||
var fileEl = FileList.findFileEl(name);
|
||||
fileEl.find('td.filename').draggable('destroy');
|
||||
fileEl.remove();
|
||||
FileList.updateFileSummary();
|
||||
if ( ! $('tr[data-file]').exists() ) {
|
||||
$('#emptycontent').removeClass('hidden');
|
||||
|
|
@ -334,7 +342,7 @@ var FileList={
|
|||
FileList.updateFileSummary();
|
||||
},
|
||||
loadingDone:function(name, id) {
|
||||
var mime, tr = $('tr[data-file="'+name+'"]');
|
||||
var mime, tr = FileList.findFileEl(name);
|
||||
tr.data('loading', false);
|
||||
mime = tr.data('mime');
|
||||
tr.attr('data-mime', mime);
|
||||
|
|
@ -347,12 +355,12 @@ var FileList={
|
|||
}, null, null, tr.attr('data-etag'));
|
||||
tr.find('td.filename').draggable(dragOptions);
|
||||
},
|
||||
isLoading:function(name) {
|
||||
return $('tr[data-file="'+name+'"]').data('loading');
|
||||
isLoading:function(file) {
|
||||
return FileList.findFileEl(file).data('loading');
|
||||
},
|
||||
rename:function(oldname) {
|
||||
var tr, td, input, form;
|
||||
tr = $('tr[data-file="'+oldname+'"]');
|
||||
tr = FileList.findFileEl(oldname);
|
||||
tr.data('renaming',true);
|
||||
td = tr.children('td.filename');
|
||||
input = $('<input type="text" class="filename"/>').val(oldname);
|
||||
|
|
@ -500,14 +508,16 @@ var FileList={
|
|||
form.trigger('submit');
|
||||
});
|
||||
},
|
||||
inList:function(filename) {
|
||||
return $('#fileList tr[data-file="'+filename+'"]').length;
|
||||
inList:function(file) {
|
||||
return FileList.findFileEl(file).length;
|
||||
},
|
||||
replace:function(oldName, newName, isNewFile) {
|
||||
// Finish any existing actions
|
||||
$('tr[data-file="'+oldName+'"]').hide();
|
||||
$('tr[data-file="'+newName+'"]').hide();
|
||||
var tr = $('tr[data-file="'+oldName+'"]').clone();
|
||||
var oldFileEl = FileList.findFileEl(oldName);
|
||||
var newFileEl = FileList.findFileEl(newName);
|
||||
oldFileEl.hide();
|
||||
newFileEl.hide();
|
||||
var tr = oldFileEl.clone();
|
||||
tr.attr('data-replace', 'true');
|
||||
tr.attr('data-file', newName);
|
||||
var td = tr.children('td.filename');
|
||||
|
|
@ -559,7 +569,7 @@ var FileList={
|
|||
files=[files];
|
||||
}
|
||||
for (var i=0; i<files.length; i++) {
|
||||
var deleteAction = $('tr[data-file="'+files[i]+'"]').children("td.date").children(".action.delete");
|
||||
var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete");
|
||||
deleteAction.removeClass('delete-icon').addClass('progress-icon');
|
||||
}
|
||||
// Finish any existing actions
|
||||
|
|
@ -573,7 +583,7 @@ var FileList={
|
|||
function(result) {
|
||||
if (result.status === 'success') {
|
||||
$.each(files,function(index,file) {
|
||||
var files = $('tr[data-file="'+file+'"]');
|
||||
var files = FileList.findFileEl(file);
|
||||
files.remove();
|
||||
files.find('input[type="checkbox"]').removeAttr('checked');
|
||||
files.removeClass('selected');
|
||||
|
|
@ -595,7 +605,7 @@ var FileList={
|
|||
OC.Notification.hide();
|
||||
}, 10000);
|
||||
$.each(files,function(index,file) {
|
||||
var deleteAction = $('tr[data-file="' + file + '"] .action.delete');
|
||||
var deleteAction = FileList.findFileEl(file).find('.action.delete');
|
||||
deleteAction.removeClass('progress-icon').addClass('delete-icon');
|
||||
});
|
||||
}
|
||||
|
|
@ -737,7 +747,7 @@ var FileList={
|
|||
},
|
||||
scrollTo:function(file) {
|
||||
//scroll to and highlight preselected file
|
||||
var $scrolltorow = $('tr[data-file="'+file+'"]');
|
||||
var $scrolltorow = FileList.findFileEl(file);
|
||||
if ($scrolltorow.exists()) {
|
||||
$scrolltorow.addClass('searchresult');
|
||||
$(window).scrollTop($scrolltorow.position().top);
|
||||
|
|
@ -949,7 +959,7 @@ $(document).ready(function() {
|
|||
$('#notification').on('click', '.undo', function() {
|
||||
if (FileList.deleteFiles) {
|
||||
$.each(FileList.deleteFiles,function(index,file) {
|
||||
$('tr[data-file="'+file+'"]').show();
|
||||
FileList.findFileEl(file).show();
|
||||
});
|
||||
FileList.deleteCanceled=true;
|
||||
FileList.deleteFiles=null;
|
||||
|
|
@ -959,10 +969,10 @@ $(document).ready(function() {
|
|||
FileList.deleteCanceled = false;
|
||||
FileList.deleteFiles = [FileList.replaceOldName];
|
||||
} else {
|
||||
$('tr[data-file="'+FileList.replaceOldName+'"]').show();
|
||||
FileList.findFileEl(FileList.replaceOldName).show();
|
||||
}
|
||||
$('tr[data-replace="true"').remove();
|
||||
$('tr[data-file="'+FileList.replaceNewName+'"]').show();
|
||||
FileList.findFileEl(FileList.replaceNewName).show();
|
||||
FileList.replaceCanceled = true;
|
||||
FileList.replaceOldName = null;
|
||||
FileList.replaceNewName = null;
|
||||
|
|
@ -977,7 +987,8 @@ $(document).ready(function() {
|
|||
});
|
||||
});
|
||||
$('#notification:first-child').on('click', '.suggest', function() {
|
||||
$('tr[data-file="'+$('#notification > span').attr('data-oldName')+'"]').show();
|
||||
var file = $('#notification > span').attr('data-oldName');
|
||||
FileList.findFileEl(file).show();
|
||||
OC.Notification.hide();
|
||||
});
|
||||
$('#notification:first-child').on('click', '.cancel', function() {
|
||||
|
|
|
|||
|
|
@ -282,7 +282,7 @@ $(document).ready(function() {
|
|||
procesSelection();
|
||||
} else {
|
||||
var filename=$(this).parent().parent().attr('data-file');
|
||||
var tr=$('tr[data-file="'+filename+'"]');
|
||||
var tr = FileList.findFileEl(filename);
|
||||
var renaming=tr.data('renaming');
|
||||
if (!renaming && !FileList.isLoading(filename)) {
|
||||
FileActions.currentFile = $(this).parent();
|
||||
|
|
@ -541,10 +541,12 @@ var folderDropOptions={
|
|||
if (result) {
|
||||
if (result.status === 'success') {
|
||||
//recalculate folder size
|
||||
var oldSize = $('#fileList tr[data-file="'+target+'"]').data('size');
|
||||
var newSize = oldSize + $('#fileList tr[data-file="'+file+'"]').data('size');
|
||||
$('#fileList tr[data-file="'+target+'"]').data('size', newSize);
|
||||
$('#fileList tr[data-file="'+target+'"]').find('td.filesize').text(humanFileSize(newSize));
|
||||
var oldFile = FileList.findFileEl(target);
|
||||
var newFile = FileList.findFileEl(file);
|
||||
var oldSize = oldFile.data('size');
|
||||
var newSize = oldSize + newFile.data('size');
|
||||
oldFile.data('size', newSize);
|
||||
oldFile.find('td.filesize').text(humanFileSize(newSize));
|
||||
|
||||
FileList.remove(file);
|
||||
procesSelection();
|
||||
|
|
@ -738,7 +740,7 @@ Files.lazyLoadPreview = function(path, mime, ready, width, height, etag) {
|
|||
}
|
||||
|
||||
function getUniqueName(name) {
|
||||
if ($('tr[data-file="'+name+'"]').exists()) {
|
||||
if (FileList.findFileEl(name).exists()) {
|
||||
var parts=name.split('.');
|
||||
var extension = "";
|
||||
if (parts.length > 1) {
|
||||
|
|
|
|||
|
|
@ -29,19 +29,19 @@ $(document).ready(function() {
|
|||
}
|
||||
}
|
||||
FileActions.register('dir', 'Open', OC.PERMISSION_READ, '', function(filename) {
|
||||
var tr = $('tr').filterAttr('data-file', filename);
|
||||
var tr = FileList.findFileEl(filename);
|
||||
if (tr.length > 0) {
|
||||
window.location = $(tr).find('a.name').attr('href');
|
||||
}
|
||||
});
|
||||
FileActions.register('file', 'Download', OC.PERMISSION_READ, '', function(filename) {
|
||||
var tr = $('tr').filterAttr('data-file', filename);
|
||||
var tr = FileList.findFileEl(filename);
|
||||
if (tr.length > 0) {
|
||||
window.location = $(tr).find('a.name').attr('href');
|
||||
}
|
||||
});
|
||||
FileActions.register('dir', 'Download', OC.PERMISSION_READ, '', function(filename) {
|
||||
var tr = $('tr').filterAttr('data-file', filename);
|
||||
var tr = FileList.findFileEl(filename);
|
||||
if (tr.length > 0) {
|
||||
window.location = $(tr).find('a.name').attr('href')+'&download';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ $(document).ready(function() {
|
|||
} else {
|
||||
var item = $('#dir').val() + '/' + filename;
|
||||
}
|
||||
var tr = $('tr').filterAttr('data-file', filename);
|
||||
var tr = FileList.findFileEl(filename);
|
||||
if ($(tr).data('type') == 'dir') {
|
||||
var itemType = 'folder';
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@ $(document).ready(function() {
|
|||
|
||||
if (typeof FileActions !== 'undefined') {
|
||||
FileActions.register('all', 'Restore', OC.PERMISSION_READ, OC.imagePath('core', 'actions/history'), function(filename) {
|
||||
var tr = $('tr').filterAttr('data-file', filename);
|
||||
var deleteAction = $('tr').filterAttr('data-file', filename).children("td.date").children(".action.delete");
|
||||
var tr = FileList.findFileEl(filename);
|
||||
var deleteAction = tr.children("td.date").children(".action.delete");
|
||||
deleteAction.removeClass('delete-icon').addClass('progress-icon');
|
||||
disableActions();
|
||||
$.post(OC.filePath('files_trashbin', 'ajax', 'undelete.php'),
|
||||
|
|
@ -30,8 +30,8 @@ $(document).ready(function() {
|
|||
return OC.imagePath('core', 'actions/delete');
|
||||
}, function(filename) {
|
||||
$('.tipsy').remove();
|
||||
var tr = $('tr').filterAttr('data-file', filename);
|
||||
var deleteAction = $('tr').filterAttr('data-file', filename).children("td.date").children(".action.delete");
|
||||
var tr = FileList.findFileEl(filename);
|
||||
var deleteAction = tr.children("td.date").children(".action.delete");
|
||||
deleteAction.removeClass('delete-icon').addClass('progress-icon');
|
||||
disableActions();
|
||||
$.post(OC.filePath('files_trashbin', 'ajax', 'delete.php'),
|
||||
|
|
@ -73,7 +73,7 @@ $(document).ready(function() {
|
|||
var dirlisting = getSelectedFiles('dirlisting')[0];
|
||||
disableActions();
|
||||
for (var i = 0; i < files.length; i++) {
|
||||
var deleteAction = $('tr').filterAttr('data-file', files[i]).children("td.date").children(".action.delete");
|
||||
var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete");
|
||||
deleteAction.removeClass('delete-icon').addClass('progress-icon');
|
||||
}
|
||||
|
||||
|
|
@ -119,7 +119,7 @@ $(document).ready(function() {
|
|||
}
|
||||
else {
|
||||
for (var i = 0; i < files.length; i++) {
|
||||
var deleteAction = $('tr').filterAttr('data-file', files[i]).children("td.date").children(".action.delete");
|
||||
var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete");
|
||||
deleteAction.removeClass('delete-icon').addClass('progress-icon');
|
||||
}
|
||||
}
|
||||
|
|
@ -169,7 +169,7 @@ $(document).ready(function() {
|
|||
event.preventDefault();
|
||||
}
|
||||
var filename = $(this).parent().parent().attr('data-file');
|
||||
var tr = $('tr').filterAttr('data-file',filename);
|
||||
var tr = FileList.findFileEl(filename);
|
||||
var renaming = tr.data('renaming');
|
||||
if(!renaming && !FileList.isLoading(filename)){
|
||||
if(mime.substr(0, 5) === 'text/'){ //no texteditor for now
|
||||
|
|
|
|||
|
|
@ -77,6 +77,7 @@ function goToVersionPage(url){
|
|||
function createVersionsDropdown(filename, files) {
|
||||
|
||||
var start = 0;
|
||||
var fileEl;
|
||||
|
||||
var html = '<div id="dropdown" class="drop drop-versions" data-file="'+escapeHTML(files)+'">';
|
||||
html += '<div id="private">';
|
||||
|
|
@ -86,8 +87,9 @@ function createVersionsDropdown(filename, files) {
|
|||
html += '<input type="button" value="'+ t('files_versions', 'More versions...') + '" name="show-more-versions" id="show-more-versions" style="display: none;" />';
|
||||
|
||||
if (filename) {
|
||||
$('tr').filterAttr('data-file',filename).addClass('mouseOver');
|
||||
$(html).appendTo($('tr').filterAttr('data-file',filename).find('td.filename'));
|
||||
fileEl = FileList.findFileEl(filename);
|
||||
fileEl.addClass('mouseOver');
|
||||
$(html).appendTo(fileEl.find('td.filename'));
|
||||
} else {
|
||||
$(html).appendTo($('thead .share'));
|
||||
}
|
||||
|
|
@ -138,7 +140,7 @@ function createVersionsDropdown(filename, files) {
|
|||
|
||||
var preview = '<img class="preview" src="'+revision.preview+'"/>';
|
||||
|
||||
var download ='<a href="' + path + "?file=" + files + '&revision=' + revision.version + '">';
|
||||
var download ='<a href="' + path + "?file=" + encodeURIComponent(files) + '&revision=' + revision.version + '">';
|
||||
download+='<img';
|
||||
download+=' src="' + OC.imagePath('core', 'actions/download') + '"';
|
||||
download+=' name="downloadVersion" />';
|
||||
|
|
@ -146,8 +148,7 @@ function createVersionsDropdown(filename, files) {
|
|||
download+='</a>';
|
||||
|
||||
var revert='<span class="revertVersion"';
|
||||
revert+=' id="' + revision.version + '"';
|
||||
revert+=' value="' + files + '">';
|
||||
revert+=' id="' + revision.version + '">';
|
||||
revert+='<img';
|
||||
revert+=' src="' + OC.imagePath('core', 'actions/history') + '"';
|
||||
revert+=' name="revertVersion"';
|
||||
|
|
@ -156,14 +157,13 @@ function createVersionsDropdown(filename, files) {
|
|||
var version=$('<li/>');
|
||||
version.attr('value', revision.version);
|
||||
version.html(preview + download + revert);
|
||||
// add file here for proper name escaping
|
||||
version.find('span.revertVersion').attr('value', files);
|
||||
|
||||
version.appendTo('#found_versions');
|
||||
}
|
||||
|
||||
$('tr').filterAttr('data-file',filename).addClass('mouseOver');
|
||||
$('#dropdown').show('blind');
|
||||
|
||||
|
||||
}
|
||||
|
||||
$(this).click(
|
||||
|
|
|
|||
|
|
@ -181,7 +181,8 @@ OC.Share={
|
|||
},
|
||||
showDropDown:function(itemType, itemSource, appendTo, link, possiblePermissions, filename) {
|
||||
var data = OC.Share.loadItem(itemType, itemSource);
|
||||
var html = '<div id="dropdown" class="drop" data-item-type="'+itemType+'" data-item-source="'+itemSource+'"" data-item-source-name="'+filename+'">';
|
||||
var dropDownEl;
|
||||
var html = '<div id="dropdown" class="drop" data-item-type="'+itemType+'" data-item-source="'+itemSource+'">';
|
||||
if (data !== false && data.reshare !== false && data.reshare.uid_owner !== undefined) {
|
||||
if (data.reshare.share_type == OC.Share.SHARE_TYPE_GROUP) {
|
||||
html += '<span class="reshare">'+t('core', 'Shared with you and the group {group} by {owner}', {group: escapeHTML(data.reshare.share_with), owner: escapeHTML(data.reshare.displayname_owner)})+'</span>';
|
||||
|
|
@ -239,7 +240,8 @@ OC.Share={
|
|||
html += '<input type="checkbox" name="expirationCheckbox" id="expirationCheckbox" value="1" /><label for="expirationCheckbox">'+t('core', 'Set expiration date')+'</label>';
|
||||
html += '<input id="expirationDate" type="text" placeholder="'+t('core', 'Expiration date')+'" style="display:none; width:90%;" />';
|
||||
html += '</div>';
|
||||
$(html).appendTo(appendTo);
|
||||
dropDownEl = $(html);
|
||||
dropDownEl = dropDownEl.appendTo(appendTo);
|
||||
// Reset item shares
|
||||
OC.Share.itemShares = [];
|
||||
if (data.shares) {
|
||||
|
|
@ -332,8 +334,10 @@ OC.Share={
|
|||
} else {
|
||||
html += '<input id="shareWith" type="text" placeholder="'+t('core', 'Resharing is not allowed')+'" style="width:90%;" disabled="disabled"/>';
|
||||
html += '</div>';
|
||||
$(html).appendTo(appendTo);
|
||||
dropDownEl = $(html);
|
||||
dropDownEl.appendTo(appendTo);
|
||||
}
|
||||
dropDownEl.attr('data-item-source-name', filename);
|
||||
$('#dropdown').show('blind', function() {
|
||||
OC.Share.droppedDown = true;
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in New Issue