New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Unable to delete timelapse from UI when filename contains parenthesis #724
Comments
Just verified that after renaming the file to exclude parenthesis via the console the file deleted as expected. |
Issue does not exist on the filemanager on the main front page where the stl and gcode files live. |
I can confirm this bug. I tested it with my Version: 1.2.0-dev-405-gf52afb8-dirty (devel branch). secure = os.path.join(settings().getBaseFolder("timelapse"), secure_filename(filename)) Updating the line to secure = os.path.join(settings().getBaseFolder("timelapse"), filename) will make it work. But i'm not sure if it's the best idea to leave out the secure_filename(). Otherwise, the filenames for timelapses are taken from the *.gcode files. So i think they will allready be safe?! |
They will, but input validation is still necessary here. I'll fix it to properly check that no directory traversal happens here, but that should be enough. |
Was broken after switching to new file name sanitizing with the new file management layer, still stripped everything but ascii from the filename although timelapse file names may actually contain more than that character set since the gcode file names they are based off may too. Closes #724
Fixed in |
Trying to delete timelapse mpg within web UI.
For the file to delete and remove from list in UI.
File remained on filesystem and in web UI.
Version: 1.2.0-dev-404-gb0805a9 (devel branch)
N/A
No log entries added to octoprint.log
N/A
After investigating the issue it appears to be related to parenthesis in the filename. If there aren't any parenthesis in the filename the operation works as expected. Running dev branch on raspbian OS wheezy version 7.
I love cookies
The text was updated successfully, but these errors were encountered: