Daniel Brötzmann pushed to branch master at gajim / gajim
Commits:
dfbfa806 by cal0pteryx at 2026-04-07T21:07:30+02:00
imprv: File transfers: Sanitize RTL codepoints from file names
- - - - -
1 changed file:
- gajim/common/helpers.py
Changes:
=====================================
gajim/common/helpers.py
=====================================
@@ -76,10 +76,16 @@
def sanitize_filename(filename: str) -> str:
'''
- Sanitize filename of elements not allowed on Windows
- https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file
+ Sanitize filename of:
+ - characters used to obfuscate file names/extensions
+ - elements not allowed on Windows
+ https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file
Limit filename length to 50 chars on all systems
'''
+
+ # Remove right-to-left override U+202E (commonly used to spoof extensions)
+ filename = "".join(char for char in filename if ord(char) != 8238)
+
if sys.platform == 'win32':
blacklist = ['\\', '/', ':', '*', '?', '?', '"', '<', '>', '|', '\0']
reserved_filenames = [
View it on GitLab:
https://dev.gajim.org/gajim/gajim/-/commit/dfbfa80653f1f570e68dda0701be0fc7a5a5782a
--
View it on GitLab:
https://dev.gajim.org/gajim/gajim/-/commit/dfbfa80653f1f570e68dda0701be0fc7a5a5782a
You're receiving this email because of your account on dev.gajim.org.
_______________________________________________
Commits mailing list -- [email protected]
To unsubscribe send an email to [email protected]
