diff options
| author | John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com> | 2018-12-18 11:17:49 +0300 |
|---|---|---|
| committer | Backportbot <backportbot-noreply@rullzer.com> | 2018-12-19 11:55:09 +0300 |
| commit | b1c1ac145906a868708f4965e04f54d1cc05cf54 (patch) | |
| tree | b1c7fc758526ce5ae58848d593518d393b7759ab /apps/files_sharing | |
| parent | 0a59b4ec6b1212be1851a22ece95ac83ef2ed336 (diff) | |
Prevent special characters from breaking the file drop remote url
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Diffstat (limited to 'apps/files_sharing')
| -rw-r--r-- | apps/files_sharing/js/files_drop.js | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/apps/files_sharing/js/files_drop.js b/apps/files_sharing/js/files_drop.js index 8d1273f1872..9f3caf62ce0 100644 --- a/apps/files_sharing/js/files_drop.js +++ b/apps/files_sharing/js/files_drop.js @@ -35,7 +35,11 @@ useHTTPS: OC.getProtocol() === 'https' }); + // We only process one file at a time 🤷♀️ var name = data.files[0].name; + // removing unwanted characters + name = name.replace(/["'#%`]/gm, ''); + try { // FIXME: not so elegant... need to refactor that method to return a value Files.isFileNameValid(name); |