summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2017-10-15 11:36:58 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2017-10-15 11:36:58 +0000
commit738bb449efb5ce199a6b3a32d8b4d7de29c6d51b (patch)
tree27351b635011c3b4b0ea560a43f8cf3af3d61bdf
parent5aeb19962a9f9d573e909fa82643803b1a7f2d86 (diff)
downloadredmine-738bb449efb5ce199a6b3a32d8b4d7de29c6d51b.tar.gz
redmine-738bb449efb5ce199a6b3a32d8b4d7de29c6d51b.zip
URL-escape additional characters with special meaning in the generated markup for dropped uploads (#26682).
Patch by Holger Just. git-svn-id: http://svn.redmine.org/redmine/trunk@16995 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r--public/javascripts/attachments.js3
1 files changed, 2 insertions, 1 deletions
diff --git a/public/javascripts/attachments.js b/public/javascripts/attachments.js
index 21ca97801..1baafc0bd 100644
--- a/public/javascripts/attachments.js
+++ b/public/javascripts/attachments.js
@@ -214,7 +214,8 @@ function addInlineAttachmentMarkup(file) {
var cursorPosition = $textarea.prop('selectionStart');
var description = $textarea.val();
var sanitizedFilename = file.name.replace(/[\/\?\%\*\:\|\"\'<>\n\r]+/, '_');
- var inlineFilename = encodeURIComponent(sanitizedFilename);
+ var inlineFilename = encodeURIComponent(sanitizedFilename)
+ .replace(/[!()]/g, function(match) { return "%" + match.charCodeAt(0).toString(16) });
var newLineBefore = true;
var newLineAfter = true;
if(cursorPosition === 0 || description.substr(cursorPosition-1,1).match(/\r|\n/)) {