32752-remove-uri-escape.patch

Go MAEDA, 2020-01-11 08:39

Download (4.04 KB)

View differences:

.rubocop_todo.yml
441 441
Lint/UnusedMethodArgument:
442 442
  Enabled: false
443 443

  
444
Lint/UriEscapeUnescape:
445
  Exclude:
446
    - 'lib/redmine/field_format.rb'
447
    - 'lib/redmine/scm/adapters/subversion_adapter.rb'
448
    - 'test/functional/wiki_controller_test.rb'
449

  
450 444
Lint/UselessAssignment:
451 445
  Enabled: false
452 446

  
Gemfile
14 14
gem "nokogiri", "~> 1.10.0"
15 15
gem "i18n", "~> 1.6.0"
16 16
gem "rbpdf", "~> 1.20.0"
17
gem 'addressable'
17 18

  
18 19
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
19 20
gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin]
lib/redmine/field_format.rb
269 269
      # %m1%, %m2%... => capture groups matches of the custom field regexp if defined
270 270
      def url_from_pattern(custom_field, value, customized)
271 271
        url = custom_field.url_pattern.to_s.dup
272
        url.gsub!('%value%') {URI.encode value.to_s}
273
        url.gsub!('%id%') {URI.encode customized.id.to_s}
272
        url.gsub!('%value%') {Addressable::URI.encode value.to_s}
273
        url.gsub!('%id%') {Addressable::URI.encode customized.id.to_s}
274 274
        url.gsub!('%project_id%') {
275
          URI.encode(
275
          Addressable::URI.encode(
276 276
            (customized.respond_to?(:project) ? customized.project.try(:id) : nil).to_s
277 277
          )
278 278
        }
279 279
        url.gsub!('%project_identifier%') {
280
          URI.encode(
280
          Addressable::URI.encode(
281 281
            (customized.respond_to?(:project) ? customized.project.try(:identifier) : nil).to_s
282 282
          )
283 283
        }
......
285 285
          url.gsub!(%r{%m(\d+)%}) do
286 286
            m = $1.to_i
287 287
            if matches ||= value.to_s.match(Regexp.new(custom_field.regexp))
288
              URI.encode matches[m].to_s
288
              Addressable::URI.encode matches[m].to_s
289 289
            end
290 290
          end
291 291
        end
lib/redmine/scm/adapters/subversion_adapter.rb
108 108
                next if entry['kind'] == 'dir' && commit_date.nil?
109 109

  
110 110
                name = entry['name']['__content__']
111
                entries << Entry.new({:name => URI.unescape(name),
111
                entries << Entry.new({:name => CGI.unescape(name),
112 112
                            :path => ((path.empty? ? "" : "#{path}/") + name),
113 113
                            :kind => entry['kind'],
114 114
                            :size => ((s = entry['size']) ? s['__content__'].to_i : nil),
......
289 289
        def target(path = '')
290 290
          base = /^\//.match?(path) ? root_url : url
291 291
          uri = "#{base}/#{path}"
292
          uri = URI.escape(URI.escape(uri), '[]')
292
          uri = Addressable::URI.encode(uri)
293 293
          shell_quote(uri.gsub(/[?<>\*]/, ''))
294 294
        end
295 295
      end
test/functional/wiki_controller_test.rb
1149 1149
      @request.user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063'
1150 1150
      get :show, :params => {:project_id => 1, :id => title, :format => format}
1151 1151
      assert_response :success
1152
      filename = URI.encode("#{title}.#{format}")
1152
      filename = Addressable::URI.encode("#{title}.#{format}")
1153 1153
      assert_equal "attachment; filename=\"#{filename}\"",
1154 1154
                   @response.headers['Content-Disposition']
1155 1155
    end