diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 146ad2287..110834848 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -441,12 +441,6 @@ Lint/UnusedBlockArgument: Lint/UnusedMethodArgument: Enabled: false -Lint/UriEscapeUnescape: - Exclude: - - 'lib/redmine/field_format.rb' - - 'lib/redmine/scm/adapters/subversion_adapter.rb' - - 'test/functional/wiki_controller_test.rb' - Lint/UselessAssignment: Enabled: false diff --git a/Gemfile b/Gemfile index f5428377d..5fb9d8288 100644 --- a/Gemfile +++ b/Gemfile @@ -14,6 +14,7 @@ gem "csv", "~> 3.1.1" gem "nokogiri", "~> 1.10.0" gem "i18n", "~> 1.6.0" gem "rbpdf", "~> 1.20.0" +gem 'addressable' # Windows does not include zoneinfo files, so bundle the tzinfo-data gem gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin] diff --git a/lib/redmine/field_format.rb b/lib/redmine/field_format.rb index d063d1ccf..1df164e0a 100644 --- a/lib/redmine/field_format.rb +++ b/lib/redmine/field_format.rb @@ -269,15 +269,15 @@ module Redmine # %m1%, %m2%... => capture groups matches of the custom field regexp if defined def url_from_pattern(custom_field, value, customized) url = custom_field.url_pattern.to_s.dup - url.gsub!('%value%') {URI.encode value.to_s} - url.gsub!('%id%') {URI.encode customized.id.to_s} + url.gsub!('%value%') {Addressable::URI.encode value.to_s} + url.gsub!('%id%') {Addressable::URI.encode customized.id.to_s} url.gsub!('%project_id%') { - URI.encode( + Addressable::URI.encode( (customized.respond_to?(:project) ? customized.project.try(:id) : nil).to_s ) } url.gsub!('%project_identifier%') { - URI.encode( + Addressable::URI.encode( (customized.respond_to?(:project) ? customized.project.try(:identifier) : nil).to_s ) } @@ -285,7 +285,7 @@ module Redmine url.gsub!(%r{%m(\d+)%}) do m = $1.to_i if matches ||= value.to_s.match(Regexp.new(custom_field.regexp)) - URI.encode matches[m].to_s + Addressable::URI.encode matches[m].to_s end end end diff --git a/lib/redmine/scm/adapters/subversion_adapter.rb b/lib/redmine/scm/adapters/subversion_adapter.rb index 09b4aacb5..8748641ce 100644 --- a/lib/redmine/scm/adapters/subversion_adapter.rb +++ b/lib/redmine/scm/adapters/subversion_adapter.rb @@ -108,7 +108,7 @@ module Redmine next if entry['kind'] == 'dir' && commit_date.nil? name = entry['name']['__content__'] - entries << Entry.new({:name => URI.unescape(name), + entries << Entry.new({:name => CGI.unescape(name), :path => ((path.empty? ? "" : "#{path}/") + name), :kind => entry['kind'], :size => ((s = entry['size']) ? s['__content__'].to_i : nil), @@ -289,7 +289,7 @@ module Redmine def target(path = '') base = /^\//.match?(path) ? root_url : url uri = "#{base}/#{path}" - uri = URI.escape(URI.escape(uri), '[]') + uri = Addressable::URI.encode(uri) shell_quote(uri.gsub(/[?<>\*]/, '')) end end diff --git a/test/functional/wiki_controller_test.rb b/test/functional/wiki_controller_test.rb index 70b892ba5..bb76f51e8 100644 --- a/test/functional/wiki_controller_test.rb +++ b/test/functional/wiki_controller_test.rb @@ -1149,7 +1149,7 @@ class WikiControllerTest < Redmine::ControllerTest @request.user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063' get :show, :params => {:project_id => 1, :id => title, :format => format} assert_response :success - filename = URI.encode("#{title}.#{format}") + filename = Addressable::URI.encode("#{title}.#{format}") assert_equal "attachment; filename=\"#{filename}\"", @response.headers['Content-Disposition'] end