mirror of
https://github.com/laurent22/joplin.git
synced 2024-12-24 10:27:10 +02:00
Server: Fixes #5328: Filenames with non-ascii characters could not be downloaded from published note
This commit is contained in:
parent
51dbf885b7
commit
0cec4753d8
@ -65,6 +65,14 @@ for (let i = 0; i < 32; i++) {
|
||||
|
||||
const friendlySafeFilename_blackListNames = ['.', '..', 'CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9'];
|
||||
|
||||
// The goal of this function is to provide a safe filename, that should work in
|
||||
// any filesystem, but that's still user friendly, in particular because it
|
||||
// supports any charset - Chinese, Russian, etc.
|
||||
//
|
||||
// "Safe" however doesn't mean it can be safely inserted in any content (HTML,
|
||||
// Markdown, etc.) - it still needs to be encoded by the calling code according
|
||||
// to the context.
|
||||
|
||||
export function friendlySafeFilename(e: string, maxLength: number = null, preserveExtension: boolean = false) {
|
||||
// Although Windows supports paths up to 255 characters, but that includes the filename and its
|
||||
// parent directory path. Also there's generally no good reason for dir or file names
|
||||
|
@ -21,6 +21,11 @@ async function renderItem(context: AppContext, item: Item, share: Share): Promis
|
||||
};
|
||||
}
|
||||
|
||||
function createContentDispositionHeader(filename: string) {
|
||||
const encoded = encodeURIComponent(friendlySafeFilename(filename));
|
||||
return `attachment; filename*=UTF-8''${encoded}; filename="${encoded}"`;
|
||||
}
|
||||
|
||||
const router: Router = new Router(RouteType.Web);
|
||||
|
||||
router.public = true;
|
||||
@ -46,7 +51,7 @@ router.get('shares/:id', async (path: SubPath, ctx: AppContext) => {
|
||||
ctx.response.body = result.body;
|
||||
ctx.response.set('Content-Type', result.mime);
|
||||
ctx.response.set('Content-Length', result.size.toString());
|
||||
if (result.filename) ctx.response.set('Content-disposition', `attachment; filename="${friendlySafeFilename(result.filename)}"`);
|
||||
if (result.filename) ctx.response.set('Content-disposition', createContentDispositionHeader(result.filename));
|
||||
return new Response(ResponseType.KoaResponse, ctx.response);
|
||||
}, RouteType.UserContent);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user