From 97efc7808cde95d7e22c081162b526b521c40e6c Mon Sep 17 00:00:00 2001 From: Nathan Gray Date: Wed, 18 Mar 2015 16:20:11 +0000 Subject: [PATCH] Let filemanager/vfs handle escaping characters instead of just stripping them out --- filemanager/inc/class.filemanager_select.inc.php | 5 +++++ mail/js/app.js | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/filemanager/inc/class.filemanager_select.inc.php b/filemanager/inc/class.filemanager_select.inc.php index bc105282ac..95723a1cdc 100644 --- a/filemanager/inc/class.filemanager_select.inc.php +++ b/filemanager/inc/class.filemanager_select.inc.php @@ -168,6 +168,11 @@ class filemanager_select case 'select-dir': $files = $content['path']; break; + + case 'saveas': + // Don't trust the name the user gives, encode it + $content['name'] = egw_vfs::encodePathComponent($content['name']); + // Fall through default: $files = egw_vfs::concat($content['path'],$content['name']); diff --git a/mail/js/app.js b/mail/js/app.js index 8a79381e85..99915f811d 100644 --- a/mail/js/app.js +++ b/mail/js/app.js @@ -2579,7 +2579,7 @@ app.classes.mail = AppJS.extend( url += 'menuaction=filemanager.filemanager_select.select'; // todo compose for Draft folder url += '&mode=saveas'; var subject = dataElem? dataElem.data.subject: _elems[0].subject; - var filename = subject.replace(/[\f\n\t\v/\\:*#?<>\|]/g,"_")|| 'unknown'; + var filename = subject.replace(/[\f\n\t\v]/g,"_")|| 'unknown'; url += '&name='+encodeURIComponent(filename+'.eml'); url += '&mime=message'+encodeURIComponent('/')+'rfc822'; url += '&method=mail.mail_ui.vfsSaveMessage'; @@ -3508,7 +3508,7 @@ app.classes.mail = AppJS.extend( 'acc_id': acc_id, 'ajax': 'true' }); - + // an ugly hack for idots to show up sieve rules not in an iframe // but as new link, better to remove it after get rid of idots template if (typeof window.framework == 'undefined') @@ -3739,7 +3739,7 @@ app.classes.mail = AppJS.extend( // ckeditor may causes performance regression, especially on devices with // very limited resources and slow proccessor. if (egwIsMobile()) return; - + var bodyH = egw_getWindowInnerHeight(); var textArea = this.et2.getWidgetById('mail_plaintext'); var $headerSec = jQuery('.mailComposeHeaderSection');