Merge branch 'bug/plus-sign-path' into 'dev'

Fix plus sign in path bug with downloads & uploads

See merge request crafty-controller/crafty-4!502
Iain Powrie 2022-12-07 13:42:37 +00:00
commit da2c8ce0ef
7 changed files with 22 additions and 13 deletions


@ -3,7 +3,8 @@
### New features ### New features
TBD TBD
### Bug fixes ### Bug fixes
- Fix port tooltip not showing on dash while server online ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/503)) - Fix port tooltip not showing on dash while server online. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/503))
- Fix '+' char in path causing any file operation to fail. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/502))
### Tweaks ### Tweaks
TBD TBD
### Lang ### Lang


@ -4,6 +4,7 @@ import pathlib
import re import re
import logging import logging
import time import time
import urllib.parse
import bleach import bleach
import tornado.web import tornado.web
import tornado.escape import tornado.escape
@ -507,7 +508,7 @@ class AjaxHandler(BaseHandler):
self.redirect("/panel/dashboard") self.redirect("/panel/dashboard")
elif page == "unzip_server": elif page == "unzip_server":
path = self.get_argument("path", None) path = urllib.parse.unquote(self.get_argument("path", None))
if not path: if not path:
path = os.path.join( path = os.path.join(
self.controller.project_root, self.controller.project_root,
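Review bot: `urllib.parse.unquote(self.get_argument("path", None))` in the `unzip_server` branch raises TypeError when the `path` argument is absent, because `unquote` cannot take None, so the `if not path:` fallback below it is no longer reachable for a missing parameter. Tornado's `get_argument` already returns the percent-decoded value, so this is also a second decode: a name containing a literal `%41` is changed, and a doubly encoded `%252e%252e` only turns into `..` at this call, which means any containment check on the path has to run on the value after it. The client-side `encodeURIComponent` change appears sufficient on its own, so `path = self.get_argument("path", None)` could stay as it was. The same double decode applies to `path` and `name` in the `download_file` branch of `PanelHandler`. The branch body continues outside the hunk.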


@ -7,6 +7,7 @@ import json
import logging import logging
import threading import threading
import shlex import shlex
import urllib.parse
import bleach import bleach
import requests import requests
import tornado.web import tornado.web
@ -1386,9 +1387,10 @@ class PanelHandler(BaseHandler):
template = "panel/activity_logs.html" template = "panel/activity_logs.html"
elif page == "download_file": elif page == "download_file":
file = Helpers.get_os_understandable_path(self.get_argument("path", "")) file = Helpers.get_os_understandable_path(
name = self.get_argument("name", "") urllib.parse.unquote(self.get_argument("path", ""))
)
name = urllib.parse.unquote(self.get_argument("name", ""))
server_id = self.check_server_id() server_id = self.check_server_id()
if server_id is None: if server_id is None:
return return


@ -1,6 +1,7 @@
import logging import logging
import os import os
import time import time
import urllib.parse
import tornado.web import tornado.web
import tornado.options import tornado.options
import tornado.httpserver import tornado.httpserver
@ -108,7 +109,9 @@ class UploadHandler(BaseHandler):
logger.debug("Could not delete file on user server upload") logger.debug("Could not delete file on user server upload")
self.helper.ensure_dir_exists(path) self.helper.ensure_dir_exists(path)
filename = self.request.headers.get("X-FileName", None) filename = urllib.parse.unquote(
self.request.headers.get("X-FileName", None)
)
if not str(filename).endswith(".zip"): if not str(filename).endswith(".zip"):
self.helper.websocket_helper.broadcast("close_upload_box", "error") self.helper.websocket_helper.broadcast("close_upload_box", "error")
self.finish("error") self.finish("error")
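Review bot: A request without the `X-FileName` header now reaches `urllib.parse.unquote(None)`, which raises TypeError before the `.zip` check can send the `"error"` reply; pass `self.request.headers.get("X-FileName", "")` instead. Decoding is appropriate here because header values are not decoded by the framework, but the decoded name can now contain `/`, `\` or `..`, so it should be reduced with `os.path.basename(filename)` before it is joined to the upload directory, unless that already happens below the hunk. The handler body continues outside the hunk.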


@ -1027,7 +1027,9 @@
function downloadFileE(event) { function downloadFileE(event) {
path = event.target.parentElement.getAttribute('data-path'); path = event.target.parentElement.getAttribute('data-path');
name = event.target.parentElement.getAttribute('data-name'); name = event.target.parentElement.getAttribute('data-name');
window.location.href = `/panel/download_file?id=${serverId}&path=${path}&name=${name}`; encoded_path = encodeURIComponent(path)
encoded_name = encodeURIComponent(name)
window.location.href = `/panel/download_file?id=${serverId}&path=${encoded_path}&name=${encoded_name}`;
} }
function renameItemE(event) { function renameItemE(event) {
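Review bot: `encoded_path` and `encoded_name` in `downloadFileE` are assigned without a declaration, so they become implicit globals (as `path` and `name` already do) and the two new lines also lack the semicolons used around them. Declare them locally: `const encoded_path = encodeURIComponent(path);` and `const encoded_name = encodeURIComponent(name);`. `serverId` is still interpolated into the URL unencoded, which is harmless only if it is always a server-generated id.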


@ -565,7 +565,7 @@
document.getElementById("upload_input").innerHTML = '<div class="progress"><div class="progress-bar progress-bar-striped progress-bar-animated" role="progressbar" aria-valuenow="100" aria-valuemin="0" aria-valuemax="100" style="width: 100%">&nbsp;<i class="fa-solid fa-spinner"></i></div></div>' document.getElementById("upload_input").innerHTML = '<div class="progress"><div class="progress-bar progress-bar-striped progress-bar-animated" role="progressbar" aria-valuenow="100" aria-valuemin="0" aria-valuemax="100" style="width: 100%">&nbsp;<i class="fa-solid fa-spinner"></i></div></div>'
let xmlHttpRequest = new XMLHttpRequest(); let xmlHttpRequest = new XMLHttpRequest();
let token = getCookie("_xsrf") let token = getCookie("_xsrf")
let fileName = file.name let fileName = encodeURIComponent(file.name)
let target = '/upload' let target = '/upload'
let mimeType = file.type let mimeType = file.type
let size = file.size let size = file.size
@ -610,7 +610,7 @@
$.ajax({ $.ajax({
type: "POST", type: "POST",
headers: { 'X-XSRFToken': token }, headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&file=' + file.name, url: '/ajax/unzip_server?id=-1&file=' + encodeURIComponent(file.name),
}); });
} else { } else {
bootbox.alert("You must input a path before selecting this button"); bootbox.alert("You must input a path before selecting this button");
@ -663,7 +663,7 @@
$.ajax({ $.ajax({
type: "POST", type: "POST",
headers: { 'X-XSRFToken': token }, headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&path=' + path, url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path),
}); });
} else { } else {
bootbox.alert("You must input a path before selecting this button"); bootbox.alert("You must input a path before selecting this button");


@ -788,7 +788,7 @@
$.ajax({ $.ajax({
type: "POST", type: "POST",
headers: { 'X-XSRFToken': token }, headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&path=' + path, url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path),
}); });
} else { } else {
bootbox.alert("You must input a path before selecting this button"); bootbox.alert("You must input a path before selecting this button");
@ -853,7 +853,7 @@
$.ajax({ $.ajax({
type: "POST", type: "POST",
headers: { 'X-XSRFToken': token }, headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&path=' + path, url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path),
}); });
} else { } else {
bootbox.alert("You must input a path before selecting this button"); bootbox.alert("You must input a path before selecting this button");
@ -875,7 +875,7 @@
$.ajax({ $.ajax({
type: "POST", type: "POST",
headers: { 'X-XSRFToken': token }, headers: { 'X-XSRFToken': token },
url: '/ajax/unzip_server?id=-1&file=' + file.name, url: '/ajax/unzip_server?id=-1&file=' + encodeURIComponent(file.name),
}); });
} else { } else {
bootbox.alert("You must input a path before selecting this button"); bootbox.alert("You must input a path before selecting this button");