mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-21 15:33:23 +01:00
do NOT send URL to client-side, it can contain passwords
This commit is contained in:
parent
07a0717a18
commit
0c8f4c4872
@ -1104,6 +1104,9 @@ class filemanager_ui
|
||||
{
|
||||
$row[$date_field] = Api\DateTime::server2user($row[$date_field]);
|
||||
}
|
||||
// do NOT send URL to client-side, it can contain passwords
|
||||
unset($row['url']);
|
||||
|
||||
$rows[++$n] = $row;
|
||||
$path2n[$path] = $n;
|
||||
}
|
||||
@ -1234,6 +1237,8 @@ class filemanager_ui
|
||||
else
|
||||
{
|
||||
$content = $stat;
|
||||
// do NOT send URL to client-side, it can contain passwords
|
||||
unset($content['url']);
|
||||
$content['name'] = $content['itempicker_merge']['name'] = Vfs::basename($path);
|
||||
$content['dir'] = $content['itempicker_merge']['dir'] = ($dir = Vfs::dirname($path)) ? Vfs::decodePath($dir) : '';
|
||||
$content['path'] = $path;
|
||||
|
Loading…
Reference in New Issue
Block a user