Fossil SCM
For Download links, only include the tail-name of the file in the Content-Disposition header.
Commit
0feb4128695ad71bae0b52b4478b7908bbb4a809db532da3ad4a87a4d6e4fc79
Parent
dbcfcef7acedd35…
2 files changed
+7
-5
+3
-3
+7
-5
| --- src/cgi.c | ||
| +++ src/cgi.c | ||
| @@ -438,15 +438,17 @@ | ||
| 438 | 438 | |
| 439 | 439 | /* |
| 440 | 440 | ** Add a "Content-disposition: attachment; filename=%s" header to the reply. |
| 441 | 441 | */ |
| 442 | 442 | void cgi_content_disposition_filename(const char *zFilename){ |
| 443 | - /* 0123456789 123456789 123456789 123456789 123456*/ | |
| 444 | - char *z = mprintf("Content-Disposition: attachment; filename=\"%s\";\r\n", | |
| 445 | - zFilename); | |
| 446 | - int i; | |
| 447 | - int n = (int)strlen(z); | |
| 443 | + char *z; | |
| 444 | + int i, n; | |
| 445 | + | |
| 446 | + /* 0123456789 123456789 123456789 123456789 123456*/ | |
| 447 | + z = mprintf("Content-Disposition: attachment; filename=\"%s\";\r\n", | |
| 448 | + file_tail(zFilename)); | |
| 449 | + n = (int)strlen(z); | |
| 448 | 450 | for(i=43; i<n-4; i++){ |
| 449 | 451 | char c = z[i]; |
| 450 | 452 | if( fossil_isalnum(c) ) continue; |
| 451 | 453 | if( c=='.' || c=='-' || c=='/' ) continue; |
| 452 | 454 | z[i] = '_'; |
| 453 | 455 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -438,15 +438,17 @@ | |
| 438 | |
| 439 | /* |
| 440 | ** Add a "Content-disposition: attachment; filename=%s" header to the reply. |
| 441 | */ |
| 442 | void cgi_content_disposition_filename(const char *zFilename){ |
| 443 | /* 0123456789 123456789 123456789 123456789 123456*/ |
| 444 | char *z = mprintf("Content-Disposition: attachment; filename=\"%s\";\r\n", |
| 445 | zFilename); |
| 446 | int i; |
| 447 | int n = (int)strlen(z); |
| 448 | for(i=43; i<n-4; i++){ |
| 449 | char c = z[i]; |
| 450 | if( fossil_isalnum(c) ) continue; |
| 451 | if( c=='.' || c=='-' || c=='/' ) continue; |
| 452 | z[i] = '_'; |
| 453 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -438,15 +438,17 @@ | |
| 438 | |
| 439 | /* |
| 440 | ** Add a "Content-disposition: attachment; filename=%s" header to the reply. |
| 441 | */ |
| 442 | void cgi_content_disposition_filename(const char *zFilename){ |
| 443 | char *z; |
| 444 | int i, n; |
| 445 | |
| 446 | /* 0123456789 123456789 123456789 123456789 123456*/ |
| 447 | z = mprintf("Content-Disposition: attachment; filename=\"%s\";\r\n", |
| 448 | file_tail(zFilename)); |
| 449 | n = (int)strlen(z); |
| 450 | for(i=43; i<n-4; i++){ |
| 451 | char c = z[i]; |
| 452 | if( fossil_isalnum(c) ) continue; |
| 453 | if( c=='.' || c=='-' || c=='/' ) continue; |
| 454 | z[i] = '_'; |
| 455 |
+3
-3
| --- src/info.c | ||
| +++ src/info.c | ||
| @@ -1946,11 +1946,11 @@ | ||
| 1946 | 1946 | } |
| 1947 | 1947 | blob_zero(&downloadName); |
| 1948 | 1948 | if( P("verbose")!=0 ) objdescFlags |= OBJDESC_DETAIL; |
| 1949 | 1949 | object_description(rid, objdescFlags, 0, &downloadName); |
| 1950 | 1950 | style_submenu_element("Download", "%R/raw/%s?at=%T", |
| 1951 | - zUuid, blob_str(&downloadName)); | |
| 1951 | + zUuid, file_tail(blob_str(&downloadName))); | |
| 1952 | 1952 | @ <hr /> |
| 1953 | 1953 | content_get(rid, &content); |
| 1954 | 1954 | @ <blockquote><pre> |
| 1955 | 1955 | hexdump(&content); |
| 1956 | 1956 | @ </pre></blockquote> |
| @@ -2277,11 +2277,11 @@ | ||
| 2277 | 2277 | (isFile?zName:0), &downloadName); |
| 2278 | 2278 | } |
| 2279 | 2279 | if( !descOnly && P("download")!=0 ){ |
| 2280 | 2280 | cgi_redirectf("%R/raw/%s?at=%T", |
| 2281 | 2281 | db_text("x", "SELECT uuid FROM blob WHERE rid=%d", rid), |
| 2282 | - blob_str(&downloadName)); | |
| 2282 | + file_tail(blob_str(&downloadName))); | |
| 2283 | 2283 | /*NOTREACHED*/ |
| 2284 | 2284 | } |
| 2285 | 2285 | if( g.perm.Admin ){ |
| 2286 | 2286 | const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid); |
| 2287 | 2287 | if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){ |
| @@ -2322,11 +2322,11 @@ | ||
| 2322 | 2322 | const char *zIp = db_column_text(&q,2); |
| 2323 | 2323 | @ <p>Received on %s(zDate) from %h(zUser) at %h(zIp).</p> |
| 2324 | 2324 | } |
| 2325 | 2325 | db_finalize(&q); |
| 2326 | 2326 | } |
| 2327 | - style_submenu_element("Download", "%R/raw/%s?at=%T", zUuid, zName); | |
| 2327 | + style_submenu_element("Download", "%R/raw/%s?at=%T", zUuid, file_tail(zName)); | |
| 2328 | 2328 | if( db_exists("SELECT 1 FROM mlink WHERE fid=%d", rid) ){ |
| 2329 | 2329 | style_submenu_element("Check-ins Using", "%R/timeline?n=200&uf=%s", zUuid); |
| 2330 | 2330 | } |
| 2331 | 2331 | zMime = mimetype_from_name(blob_str(&downloadName)); |
| 2332 | 2332 | if( zMime ){ |
| 2333 | 2333 |
| --- src/info.c | |
| +++ src/info.c | |
| @@ -1946,11 +1946,11 @@ | |
| 1946 | } |
| 1947 | blob_zero(&downloadName); |
| 1948 | if( P("verbose")!=0 ) objdescFlags |= OBJDESC_DETAIL; |
| 1949 | object_description(rid, objdescFlags, 0, &downloadName); |
| 1950 | style_submenu_element("Download", "%R/raw/%s?at=%T", |
| 1951 | zUuid, blob_str(&downloadName)); |
| 1952 | @ <hr /> |
| 1953 | content_get(rid, &content); |
| 1954 | @ <blockquote><pre> |
| 1955 | hexdump(&content); |
| 1956 | @ </pre></blockquote> |
| @@ -2277,11 +2277,11 @@ | |
| 2277 | (isFile?zName:0), &downloadName); |
| 2278 | } |
| 2279 | if( !descOnly && P("download")!=0 ){ |
| 2280 | cgi_redirectf("%R/raw/%s?at=%T", |
| 2281 | db_text("x", "SELECT uuid FROM blob WHERE rid=%d", rid), |
| 2282 | blob_str(&downloadName)); |
| 2283 | /*NOTREACHED*/ |
| 2284 | } |
| 2285 | if( g.perm.Admin ){ |
| 2286 | const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid); |
| 2287 | if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){ |
| @@ -2322,11 +2322,11 @@ | |
| 2322 | const char *zIp = db_column_text(&q,2); |
| 2323 | @ <p>Received on %s(zDate) from %h(zUser) at %h(zIp).</p> |
| 2324 | } |
| 2325 | db_finalize(&q); |
| 2326 | } |
| 2327 | style_submenu_element("Download", "%R/raw/%s?at=%T", zUuid, zName); |
| 2328 | if( db_exists("SELECT 1 FROM mlink WHERE fid=%d", rid) ){ |
| 2329 | style_submenu_element("Check-ins Using", "%R/timeline?n=200&uf=%s", zUuid); |
| 2330 | } |
| 2331 | zMime = mimetype_from_name(blob_str(&downloadName)); |
| 2332 | if( zMime ){ |
| 2333 |
| --- src/info.c | |
| +++ src/info.c | |
| @@ -1946,11 +1946,11 @@ | |
| 1946 | } |
| 1947 | blob_zero(&downloadName); |
| 1948 | if( P("verbose")!=0 ) objdescFlags |= OBJDESC_DETAIL; |
| 1949 | object_description(rid, objdescFlags, 0, &downloadName); |
| 1950 | style_submenu_element("Download", "%R/raw/%s?at=%T", |
| 1951 | zUuid, file_tail(blob_str(&downloadName))); |
| 1952 | @ <hr /> |
| 1953 | content_get(rid, &content); |
| 1954 | @ <blockquote><pre> |
| 1955 | hexdump(&content); |
| 1956 | @ </pre></blockquote> |
| @@ -2277,11 +2277,11 @@ | |
| 2277 | (isFile?zName:0), &downloadName); |
| 2278 | } |
| 2279 | if( !descOnly && P("download")!=0 ){ |
| 2280 | cgi_redirectf("%R/raw/%s?at=%T", |
| 2281 | db_text("x", "SELECT uuid FROM blob WHERE rid=%d", rid), |
| 2282 | file_tail(blob_str(&downloadName))); |
| 2283 | /*NOTREACHED*/ |
| 2284 | } |
| 2285 | if( g.perm.Admin ){ |
| 2286 | const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid); |
| 2287 | if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){ |
| @@ -2322,11 +2322,11 @@ | |
| 2322 | const char *zIp = db_column_text(&q,2); |
| 2323 | @ <p>Received on %s(zDate) from %h(zUser) at %h(zIp).</p> |
| 2324 | } |
| 2325 | db_finalize(&q); |
| 2326 | } |
| 2327 | style_submenu_element("Download", "%R/raw/%s?at=%T", zUuid, file_tail(zName)); |
| 2328 | if( db_exists("SELECT 1 FROM mlink WHERE fid=%d", rid) ){ |
| 2329 | style_submenu_element("Check-ins Using", "%R/timeline?n=200&uf=%s", zUuid); |
| 2330 | } |
| 2331 | zMime = mimetype_from_name(blob_str(&downloadName)); |
| 2332 | if( zMime ){ |
| 2333 |