Defect #32752 ยป 32752-remove-uri-escape.patch
| .rubocop_todo.yml | ||
|---|---|---|
| 441 | 441 |
Lint/UnusedMethodArgument: |
| 442 | 442 |
Enabled: false |
| 443 | 443 | |
| 444 |
Lint/UriEscapeUnescape: |
|
| 445 |
Exclude: |
|
| 446 |
- 'lib/redmine/field_format.rb' |
|
| 447 |
- 'lib/redmine/scm/adapters/subversion_adapter.rb' |
|
| 448 |
- 'test/functional/wiki_controller_test.rb' |
|
| 449 | ||
| 450 | 444 |
Lint/UselessAssignment: |
| 451 | 445 |
Enabled: false |
| 452 | 446 | |
| Gemfile | ||
|---|---|---|
| 14 | 14 |
gem "nokogiri", "~> 1.10.0" |
| 15 | 15 |
gem "i18n", "~> 1.6.0" |
| 16 | 16 |
gem "rbpdf", "~> 1.20.0" |
| 17 |
gem 'addressable' |
|
| 17 | 18 | |
| 18 | 19 |
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem |
| 19 | 20 |
gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin] |
| lib/redmine/field_format.rb | ||
|---|---|---|
| 269 | 269 |
# %m1%, %m2%... => capture groups matches of the custom field regexp if defined |
| 270 | 270 |
def url_from_pattern(custom_field, value, customized) |
| 271 | 271 |
url = custom_field.url_pattern.to_s.dup |
| 272 |
url.gsub!('%value%') {URI.encode value.to_s}
|
|
| 273 |
url.gsub!('%id%') {URI.encode customized.id.to_s}
|
|
| 272 |
url.gsub!('%value%') {Addressable::URI.encode value.to_s}
|
|
| 273 |
url.gsub!('%id%') {Addressable::URI.encode customized.id.to_s}
|
|
| 274 | 274 |
url.gsub!('%project_id%') {
|
| 275 |
URI.encode( |
|
| 275 |
Addressable::URI.encode(
|
|
| 276 | 276 |
(customized.respond_to?(:project) ? customized.project.try(:id) : nil).to_s |
| 277 | 277 |
) |
| 278 | 278 |
} |
| 279 | 279 |
url.gsub!('%project_identifier%') {
|
| 280 |
URI.encode( |
|
| 280 |
Addressable::URI.encode(
|
|
| 281 | 281 |
(customized.respond_to?(:project) ? customized.project.try(:identifier) : nil).to_s |
| 282 | 282 |
) |
| 283 | 283 |
} |
| ... | ... | |
| 285 | 285 |
url.gsub!(%r{%m(\d+)%}) do
|
| 286 | 286 |
m = $1.to_i |
| 287 | 287 |
if matches ||= value.to_s.match(Regexp.new(custom_field.regexp)) |
| 288 |
URI.encode matches[m].to_s |
|
| 288 |
Addressable::URI.encode matches[m].to_s
|
|
| 289 | 289 |
end |
| 290 | 290 |
end |
| 291 | 291 |
end |
| lib/redmine/scm/adapters/subversion_adapter.rb | ||
|---|---|---|
| 108 | 108 |
next if entry['kind'] == 'dir' && commit_date.nil? |
| 109 | 109 | |
| 110 | 110 |
name = entry['name']['__content__'] |
| 111 |
entries << Entry.new({:name => URI.unescape(name),
|
|
| 111 |
entries << Entry.new({:name => CGI.unescape(name),
|
|
| 112 | 112 |
:path => ((path.empty? ? "" : "#{path}/") + name),
|
| 113 | 113 |
:kind => entry['kind'], |
| 114 | 114 |
:size => ((s = entry['size']) ? s['__content__'].to_i : nil), |
| ... | ... | |
| 289 | 289 |
def target(path = '') |
| 290 | 290 |
base = /^\//.match?(path) ? root_url : url |
| 291 | 291 |
uri = "#{base}/#{path}"
|
| 292 |
uri = URI.escape(URI.escape(uri), '[]')
|
|
| 292 |
uri = Addressable::URI.encode(uri)
|
|
| 293 | 293 |
shell_quote(uri.gsub(/[?<>\*]/, '')) |
| 294 | 294 |
end |
| 295 | 295 |
end |
| test/functional/wiki_controller_test.rb | ||
|---|---|---|
| 1149 | 1149 |
@request.user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063' |
| 1150 | 1150 |
get :show, :params => {:project_id => 1, :id => title, :format => format}
|
| 1151 | 1151 |
assert_response :success |
| 1152 |
filename = URI.encode("#{title}.#{format}")
|
|
| 1152 |
filename = Addressable::URI.encode("#{title}.#{format}")
|
|
| 1153 | 1153 |
assert_equal "attachment; filename=\"#{filename}\"",
|
| 1154 | 1154 |
@response.headers['Content-Disposition'] |
| 1155 | 1155 |
end |