zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-24 17:22:35 +02:00
Code Issues Projects Releases Packages Wiki Activity

escape file path properly in dashboard, remove question mark scrub for now

Browse source
This commit is contained in:
Kyle Drake 2024-09-15 10:14:27 -05:00
parent 605fa2cc74
commit 1794a4bcba
2 changed files with 1 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
models/site.rb
View file

@ -1226,8 +1226,6 @@ class Site < Sequel::Model
raise ArgumentError, 'invalid character for filename' if c < 32 raise ArgumentError, 'invalid character for filename' if c < 32
end end
# scrub question marks (I should probably just be erroring out for this)
clean_path.gsub!('?', '')
clean_path clean_path
end end

2
views/dashboard/files.erb
View file

@ -98,7 +98,7 @@
<% if file[:is_directory] %> <% if file[:is_directory] %>
<a class="link-overlay" href="?dir=<%= Rack::Utils.escape file[:path] %>" title="View <%= file[:path] %>"></a> <a class="link-overlay" href="?dir=<%= Rack::Utils.escape file[:path] %>" title="View <%= file[:path] %>"></a>
<% else %> <% else %>
<a class="link-overlay" href="<%= current_site.file_uri file[:path] %>" title="View <%= file[:path] == '/index.html' ? 'your site index' : file[:path] %>" target="_blank"></a> <a class="link-overlay" href="<%= current_site.file_uri Rack::Utils.escape(file[:path]) %>" title="View <%= file[:path] == '/index.html' ? 'your site index' : file[:path] %>" target="_blank"></a>
<% end %> <% end %>
</div> </div>
</div> </div>