[whimsy] branch master updated: WHIMSY-344 Issues with URI.[un]escape

Tue, 29 Sep 2020 12:33:41 -0700 

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 50911be  WHIMSY-344 Issues with URI.[un]escape
50911be is described below

commit 50911beb3407e59cb62083f9e82ba0f6af27f1ab
Author: Sebb <[email protected]>
AuthorDate: Tue Sep 29 20:32:44 2020 +0100

    WHIMSY-344 Issues with URI.[un]escape
---
 www/secretary/workbench/server.rb                             | 5 +++--
 www/secretary/workbench/views/actions/check-signature.json.rb | 4 +++-
 www/secretary/workbench/views/actions/parse-icla.json.rb      | 4 +++-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/www/secretary/workbench/server.rb 
b/www/secretary/workbench/server.rb
index 94250ab..ec5cb4f 100644
--- a/www/secretary/workbench/server.rb
+++ b/www/secretary/workbench/server.rb
@@ -9,6 +9,7 @@ require 'ruby2js/es2017/strict'
 require 'ruby2js/filter/functions'
 require 'ruby2js/filter/require'
 require 'erb'
+require 'uri'
 require 'sanitize'
 require 'escape'
 require 'time' # for iso8601
@@ -221,7 +222,7 @@ get %r{/(\d{6})/(\w+)/_danger_/(.*?)} do |month, hash, name|
   message = Mailbox.new(month).find(hash)
   pass unless message
 
-  @part = message.find(URI.decode(name))
+  @part = message.find(URI::RFC2396_Parser.new.unescape(name))
   pass unless @part
 
   _html :danger
@@ -232,7 +233,7 @@ get %r{/(\d{6})/(\w+)/(.*?)} do |month, hash, name|
   message = Mailbox.new(month).find(hash)
   pass unless message
 
-  part = message.find(URI.decode(name))
+  part = message.find(URI::RFC2396_Parser.new.unescape(name))
   pass unless part
 
   [200, {'Content-Type' => part.content_type}, part.body.to_s]
diff --git a/www/secretary/workbench/views/actions/check-signature.json.rb 
b/www/secretary/workbench/views/actions/check-signature.json.rb
index 758de20..20b009c 100644
--- a/www/secretary/workbench/views/actions/check-signature.json.rb
+++ b/www/secretary/workbench/views/actions/check-signature.json.rb
@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'uri'
+
 # check signature on an attachment
 #
 
@@ -85,7 +87,7 @@ message = Mailbox.find(@message)
 
 begin
   # fetch attachment and signature
-  attachment = message.find(URI.decode(@attachment)).as_file # This is derived 
from a URI
+  attachment = 
message.find(URI::RFC2396_Parser.new.unescape(@attachment)).as_file # This is 
derived from a URI
   signature  = message.find(@signature).as_file # This is derived from the 
YAML file
 
   # pick the latest gpg version
diff --git a/www/secretary/workbench/views/actions/parse-icla.json.rb 
b/www/secretary/workbench/views/actions/parse-icla.json.rb
index 4d00a34..5862cfa 100644
--- a/www/secretary/workbench/views/actions/parse-icla.json.rb
+++ b/www/secretary/workbench/views/actions/parse-icla.json.rb
@@ -1,9 +1,11 @@
 # parse an icla from a PDF
 
+require 'uri'
 require_relative '../../../iclaparser'
 require_relative '../../models/mailbox'
 
-attachment = URI.decode(@attachment) # derived from a URI
+
+attachment = URI::RFC2396_Parser.new.unescape(@attachment) # derived from a URI
 
 # WHIMSY-322
 ALIASES = {

Reply via email to