From c2e0143bfe35b539bdbec9971e83fa9f9ab78034 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Wed, 9 Aug 2023 14:57:45 +0800 Subject: Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392) Fix #26389 And complete an old TODO: `ctx.Params does un-escaping,..., which is incorrect.` --- routers/api/v1/repo/wiki.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'routers/api') diff --git a/routers/api/v1/repo/wiki.go b/routers/api/v1/repo/wiki.go index e33790a378..7f3a7d0674 100644 --- a/routers/api/v1/repo/wiki.go +++ b/routers/api/v1/repo/wiki.go @@ -127,7 +127,7 @@ func EditWikiPage(ctx *context.APIContext) { form := web.GetForm(ctx).(*api.CreateWikiPageOptions) - oldWikiName := wiki_service.WebPathFromRequest(ctx.Params(":pageName")) + oldWikiName := wiki_service.WebPathFromRequest(ctx.PathParamRaw(":pageName")) newWikiName := wiki_service.UserTitleToWebPath("", form.Title) if len(newWikiName) == 0 { @@ -231,7 +231,7 @@ func DeleteWikiPage(ctx *context.APIContext) { // "404": // "$ref": "#/responses/notFound" - wikiName := wiki_service.WebPathFromRequest(ctx.Params(":pageName")) + wikiName := wiki_service.WebPathFromRequest(ctx.PathParamRaw(":pageName")) if err := wiki_service.DeleteWikiPage(ctx, ctx.Doer, ctx.Repo.Repository, wikiName); err != nil { if err.Error() == "file does not exist" { @@ -359,7 +359,7 @@ func GetWikiPage(ctx *context.APIContext) { // "$ref": "#/responses/notFound" // get requested pagename - pageName := wiki_service.WebPathFromRequest(ctx.Params(":pageName")) + pageName := wiki_service.WebPathFromRequest(ctx.PathParamRaw(":pageName")) wikiPage := getWikiPage(ctx, pageName) if !ctx.Written() { @@ -409,7 +409,7 @@ func ListPageRevisions(ctx *context.APIContext) { } // get requested pagename - pageName := wiki_service.WebPathFromRequest(ctx.Params(":pageName")) + pageName := wiki_service.WebPathFromRequest(ctx.PathParamRaw(":pageName")) if len(pageName) == 0 { pageName = "Home" } -- cgit v1.2.3