Aristotle Pagaltzis <[EMAIL PROTECTED]> wrote on 08/19/2008 04:39:55 PM:
> * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2008-08-19 21:55]:
> > $c->response->headers->header('Content-disposition:' =>
> "attachment; filename=$filename" );
>
> You forgot
>
> $filename =~ s!"!\\"!g;
Yes, I usually sanitize and escape outside of that block -- good catch.
>
> Regards,
> --
> Aristotle Pagaltzis // <http://plasmasturm.org/>
>
> _______________________________________________
> List: [email protected]
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
http://www.mail-archive.com/[email protected]/
> Dev site: http://dev.catalyst.perl.org/
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
