diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-07-11 19:14:04 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-07-11 19:15:11 +0200 |
| commit | d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8 (patch) | |
| tree | 8cb1c08bd0eea58e31e0cb4ec3ce246c6bc5c536 /apps | |
| parent | 9af74a9c80c074589f2d5efc365b3a9dee3031ed (diff) | |
| download | nextcloud-server-d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8.tar.gz nextcloud-server-d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8.zip | |
Sanitizing file names
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/files/js/filelist.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js index e6a9a6883af..3645258f98f 100644 --- a/apps/files/js/filelist.js +++ b/apps/files/js/filelist.js @@ -14,7 +14,7 @@ FileList={ var extension=false; } html+='<td class="filename" style="background-image:url('+img+')"><input type="checkbox" />'; - html+='<a class="name" href="download.php?file='+$('#dir').val()+'/'+name+'"><span class="nametext">'+basename + html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '<').replace(/>/, '>')+'/'+name+'"><span class="nametext">'+basename if(extension){ html+='<span class="extension">'+extension+'</span>'; } |