Commit 3c09de63bc13f224fe98dce2e402050d4006b9cb
encode filename better
cel committed on 3/14/2017, 2:11:13 AMParent: e3fc312c8e31b4c99e3ecbdcbb890ffc2dc51f05
Files changed
| lib/serve.js | changed |
| lib/serve.js | |||
|---|---|---|---|
| @@ -43,8 +43,12 @@ | |||
| 43 | 43 … | case 'json': return 'application/json' | |
| 44 | 44 … | } | |
| 45 | 45 … | } | |
| 46 | 46 … | ||
| 47 … | +function encodeDispositionFilename(fname) { | ||
| 48 … | + return '"' + fname.replace(/\/g/, '\\\\').replace(/"/, '\\\"') + '"' | ||
| 49 … | +} | ||
| 50 … | + | ||
| 47 | 51 … | function Serve(app, req, res) { | |
| 48 | 52 … | this.app = app | |
| 49 | 53 … | this.req = req | |
| 50 | 54 … | this.res = res | |
| @@ -506,9 +510,9 @@ | |||
| 506 | 510 … | ident(function (type) { | |
| 507 | 511 … | type = type && mime.lookup(type) | |
| 508 | 512 … | if (type) self.res.setHeader('Content-Type', type) | |
| 509 | 513 … | if (self.query.name) self.res.setHeader('Content-Disposition', | |
| 510 | - 'inline; filename='+encodeURIComponent(self.query.name)) | ||
| 514 … | + 'attachment; filename='+encodeDispositionFilename(self.query.name)) | ||
| 511 | 515 … | self.res.setHeader('Cache-Control', 'public, max-age=315360000') | |
| 512 | 516 … | self.res.setHeader('etag', id) | |
| 513 | 517 … | self.res.writeHead(200) | |
| 514 | 518 … | }), | |
Built with git-ssb-web