authorJean-Philippe Lang <jp_lang@yahoo.fr>2011-11-24 20:17:56 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2011-11-24 20:17:56 +0000
commit902b3078d549ad533ad26878de5e74bb318fe1ea (patch)
tree23dcae87d0d118f3c7531332b154605862e297f2 /app/models/attachment.rb
parent3df586d22dd8fc09edf7360ad17f1667f81b7230 (diff)
Limit the characters stripped by Attachment#sanitize_filename (#4324).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7917 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/attachment.rb')
-rw-r--r--app/models/attachment.rb6
1 files changed, 2 insertions, 4 deletions
diff --git a/app/models/attachment.rb b/app/models/attachment.rb
index 2dda3f353..09e4057cf 100644
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@@ -177,11 +177,9 @@ private
def sanitize_filename(value)
# get only the filename, not the whole path
just_filename = value.gsub(/^.*(\\|\/)/, '')
- # NOTE: File.basename doesn't work right with Windows paths on Unix
- # INCORRECT: just_filename = File.basename(value.gsub('\\\\', '/'))
- # Finally, replace all non alphanumeric, hyphens or periods with underscore
- @filename = just_filename.gsub(/[^\w\.\-]/,'_')
+ # Finally, replace invalid characters with underscore
+ @filename = just_filename.gsub(/[\/\?\%\*\:\|\"\'<>]+/, '_')
end
# Returns an ASCII or hashed filename
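Review bot: Switching `sanitize_filename` from an allow-list to a deny-list means control characters (CR, LF, NUL, tab) in an uploaded name are no longer replaced; the old `/[^\w\.\-]/` pattern covered them, the new character class does not. If `@filename` is later written into a response header or used to build a filesystem path (neither is visible in this hunk), that gap is worth closing here, e.g. `@filename = just_filename.gsub(/[\/\?\%\*\:\|\"\'<>\x00-\x1f\x7f]+/, '_')`. The unchanged path-stripping line also anchors with `^`, which in Ruby matches at every line start, so a value containing a newline is processed line by line; `value.gsub(/\A.*(\\|\/)/m, '')` would treat it as one string. A unit test with a name containing `\r\n` and one with a non-ASCII name would pin both the intended relaxation and the control-character handling.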