Merge branch 'bug/plus-sign-path' into 'dev'

Fix plus sign in path bug with downloads & uploads

See merge request crafty-controller/crafty-4!502
This commit is contained in:
Iain Powrie 2022-12-07 13:42:37 +00:00
commit da2c8ce0ef
7 changed files with 22 additions and 13 deletions

View File

@ -3,7 +3,8 @@
### New features
TBD
### Bug fixes
- Fix port tooltip not showing on dash while server online ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/503))
- Fix port tooltip not showing on dash while server online. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/503))
- Fix '+' char in path causing any file operation to fail. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/502))
### Tweaks
TBD
### Lang

View File

@ -4,6 +4,7 @@ import pathlib
import re
import logging
import time
import urllib.parse
import bleach
import tornado.web
import tornado.escape
@ -507,7 +508,7 @@ class AjaxHandler(BaseHandler):
self.redirect("/panel/dashboard")
elif page == "unzip_server":
path = self.get_argument("path", None)
path = urllib.parse.unquote(self.get_argument("path", None))
if not path:
path = os.path.join(
self.controller.project_root,

View File

@ -7,6 +7,7 @@ import json
import logging
import threading
import shlex
import urllib.parse
import bleach
import requests
import tornado.web
@ -1386,9 +1387,10 @@ class PanelHandler(BaseHandler):
template = "panel/activity_logs.html"
elif page == "download_file":
file = Helpers.get_os_understandable_path(self.get_argument("path", ""))
name = self.get_argument("name", "")
file = Helpers.get_os_understandable_path(
urllib.parse.unquote(self.get_argument("path", ""))
)
name = urllib.parse.unquote(self.get_argument("name", ""))
server_id = self.check_server_id()
if server_id is None:
return

View File

@ -1,6 +1,7 @@
import logging
import os
import time
import urllib.parse
import tornado.web
import tornado.options
import tornado.httpserver
@ -108,7 +109,9 @@ class UploadHandler(BaseHandler):
logger.debug("Could not delete file on user server upload")
self.helper.ensure_dir_exists(path)
filename = self.request.headers.get("X-FileName", None)
filename = urllib.parse.unquote(
self.request.headers.get("X-FileName", None)
)
if not str(filename).endswith(".zip"):
self.helper.websocket_helper.broadcast("close_upload_box", "error")
self.finish("error")

View File

@ -1027,7 +1027,9 @@
function downloadFileE(event) {
path = event.target.parentElement.getAttribute('data-path');
name = event.target.parentElement.getAttribute('data-name');
window.location.href = `/panel/download_file?id=${serverId}&path=${path}&name=${name}`;
encoded_path = encodeURIComponent(path)
encoded_name = encodeURIComponent(name)
window.location.href = `/panel/download_file?id=${serverId}&path=${encoded_path}&name=${encoded_name}`;
}
function renameItemE(event) {

View File

@ -565,7 +565,7 @@
document.getElementById("upload_input").innerHTML = '<div class="progress"><div class="progress-bar progress-bar-striped progress-bar-animated" role="progressbar" aria-valuenow="100" aria-valuemin="0" aria-valuemax="100" style="width: 100%">&nbsp;<i class="fa-solid fa-spinner"></i></div></div>'
let xmlHttpRequest = new XMLHttpRequest();
let token = getCookie("_xsrf")
let fileName = file.name
let fileName = encodeURIComponent(file.name)
let target = '/upload'
let mimeType = file.type
let size = file.size
@ -610,7 +610,7 @@
$.ajax({
type: "POST",
headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&file=' + file.name,
url: '/ajax/unzip_server?id=-1&file=' + encodeURIComponent(file.name),
});
} else {
bootbox.alert("You must input a path before selecting this button");
@ -663,7 +663,7 @@
$.ajax({
type: "POST",
headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&path=' + path,
url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path),
});
} else {
bootbox.alert("You must input a path before selecting this button");

View File

@ -788,7 +788,7 @@
$.ajax({
type: "POST",
headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&path=' + path,
url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path),
});
} else {
bootbox.alert("You must input a path before selecting this button");
@ -853,7 +853,7 @@
$.ajax({
type: "POST",
headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&path=' + path,
url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path),
});
} else {
bootbox.alert("You must input a path before selecting this button");
@ -875,7 +875,7 @@
$.ajax({
type: "POST",
headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&file=' + file.name,
url: '/ajax/unzip_server?id=-1&file=' + encodeURIComponent(file.name),
});
} else {
bootbox.alert("You must input a path before selecting this button");