diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2012-09-22 11:20:17 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2012-09-22 11:20:17 +0200 |
commit | b4de89e6b4c05ddb99010e0dee071c919d338d5e (patch) | |
tree | 6ddfbc8862b16871a802a06b8ddac6566af964b2 /apps | |
parent | ac79fe649ca35784cbeaefa4e82224fb338e495a (diff) | |
download | nextcloud-server-b4de89e6b4c05ddb99010e0dee071c919d338d5e.tar.gz nextcloud-server-b4de89e6b4c05ddb99010e0dee071c919d338d5e.zip |
Sanitize download URL
@MTGap Can you please check if this break something?
Diffstat (limited to 'apps')
-rw-r--r-- | apps/files_sharing/public.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index dbaf29e962d..525ffa83578 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -129,7 +129,7 @@ if (isset($_GET['file']) || isset($_GET['dir'])) { } else { $getPath = ''; } - $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath, false); + $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath); } else { // Show file preview if viewer is available $tmpl->assign('uidOwner', $uidOwner); @@ -137,14 +137,14 @@ if (isset($_GET['file']) || isset($_GET['dir'])) { $tmpl->assign('filename', basename($path)); $tmpl->assign('mimetype', OC_Filesystem::getMimeType($path)); if ($type == 'file') { - $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.$_GET['file'].'&download', false); + $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.$_GET['file'].'&download'); } else { if (isset($_GET['path'])) { $getPath = $_GET['path']; } else { $getPath = ''; } - $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath, false); + $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath); } } $tmpl->printPage(); |