Sanitizing file names

This commit is contained in:
Lukas Reschke 2012-07-11 19:14:04 +02:00
parent 07efd39d8a
commit c3fea30811
1 changed files with 1 additions and 1 deletions

View File

@ -14,7 +14,7 @@ FileList={
var extension=false; var extension=false;
} }
html+='<td class="filename" style="background-image:url('+img+')"><input type="checkbox" />'; html+='<td class="filename" style="background-image:url('+img+')"><input type="checkbox" />';
html+='<a class="name" href="download.php?file='+$('#dir').val()+'/'+name+'"><span class="nametext">'+basename html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '&lt;').replace(/>/, '&gt;')+'/'+name+'"><span class="nametext">'+basename
if(extension){ if(extension){
html+='<span class="extension">'+extension+'</span>'; html+='<span class="extension">'+extension+'</span>';
} }