nextcloud/passman
1
1
Fork 0
mirror of https://github.com/nextcloud/passman.git synced 2025-12-09 13:16:03 +08:00
Code Issues Projects Releases Packages Wiki Activity

fix file download from credential view

Browse source
This commit is contained in:
binsky 2021-03-14 18:22:20 +01:00
parent 7065a60686
commit a361f31022
3 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
js/app/controllers/public_shared_credential.js
View file

@ -58,7 +58,7 @@
return;
}
var file_data = EncryptService.decryptString(result.file_data, _key);
download(file_data, escapeHTML(file.filename), file.mimetype);
download(file_data, ShareService.escapeHTML(file.filename), file.mimetype);
});
};
}]);

4
js/app/directives/credentialtemplate.js
View file

@ -49,7 +49,7 @@
}
var file_data = EncryptService.decryptString(result.file_data, key);
download(file_data, escapeHTML(file.filename), file.mimetype);
download(file_data, ShareService.escapeHTML(file.filename), file.mimetype);
};
@ -65,4 +65,4 @@
}
};
}]);
}());
}());

11
js/app/services/shareservice.js
View file

@ -310,7 +310,16 @@
setTimeout(workload.bind(this), 0);
});
},
/**
* Sanitizes a HTML string by replacing all potential dangerous characters with HTML entities
* @param {string} s String to sanitize
* @return {string} Sanitized string
*/
escapeHTML: function (s) {
return s.toString().split('&').join('&amp;').split('<').join('&lt;').split('>').join('&gt;').split('"').join('&quot;').split('\'').join('&#039;');
}
};
}]);
}());
}());