diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-12-16 08:45:41 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-12-16 08:45:41 +0000 |
| commit | 20be00e437a5874d8a47b82ba3aec6dc4c01c3be (patch) | |
| tree | beb13197ca2d6dc8adf38329086b35b9fbdd79fb /app/models/attachment.rb | |
| parent | ff81353e8cfd099f83f70008d4a04aa3a4079ad6 (diff) | |
| download | redmine-20be00e437a5874d8a47b82ba3aec6dc4c01c3be.tar.gz redmine-20be00e437a5874d8a47b82ba3aec6dc4c01c3be.zip | |
Restrict the length attachment filenames on disk (#24186).
git-svn-id: http://svn.redmine.org/redmine/trunk@16083 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/attachment.rb')
| -rw-r--r-- | app/models/attachment.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/models/attachment.rb b/app/models/attachment.rb index 19f30a609..d0384372a 100644 --- a/app/models/attachment.rb +++ b/app/models/attachment.rb @@ -413,7 +413,7 @@ class Attachment < ActiveRecord::Base def self.disk_filename(filename, directory=nil) timestamp = DateTime.now.strftime("%y%m%d%H%M%S") ascii = '' - if filename =~ %r{^[a-zA-Z0-9_\.\-]*$} + if filename =~ %r{^[a-zA-Z0-9_\.\-]*$} && filename.length <= 50 ascii = filename else ascii = Digest::MD5.hexdigest(filename) |