Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Sanitizing file names

  • Loading branch information...
commit d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8 1 parent 9af74a9
@LukasReschke LukasReschke authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  apps/files/js/filelist.js
View
2  apps/files/js/filelist.js
@@ -14,7 +14,7 @@ FileList={
var extension=false;
}
html+='<td class="filename" style="background-image:url('+img+')"><input type="checkbox" />';
- html+='<a class="name" href="download.php?file='+$('#dir').val()+'/'+name+'"><span class="nametext">'+basename
+ html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '&lt;').replace(/>/, '&gt;')+'/'+name+'"><span class="nametext">'+basename
if(extension){
html+='<span class="extension">'+extension+'</span>';
}
Please sign in to comment.
Something went wrong with that request. Please try again.