This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new b09c892e Sanitise file name
b09c892e is described below
commit b09c892eedd00022faf6734c4d1b841c3fb1dbf9
Author: Sebb <[email protected]>
AuthorDate: Tue Apr 18 21:09:50 2023 +0100
Sanitise file name
---
www/secretary/upload_file.cgi | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www/secretary/upload_file.cgi b/www/secretary/upload_file.cgi
index 3d4aff5b..213d9aa8 100755
--- a/www/secretary/upload_file.cgi
+++ b/www/secretary/upload_file.cgi
@@ -63,7 +63,7 @@ _html do
else
data = source.read
end
- name = source.original_filename
+ name = source.original_filename.gsub(/[^-.\w]/, '_').sub(/^\.+/, '_')
ASF::Auth.decode(env = {})
# data can either be a string or a Tempfile
if ASF::SVN.create_(url, name, data, msg, env, _) == 0
