Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-03 23:00:14 -05:00
Code Issues Activity

🐛 better theme name consistency (#7380)

Browse source 
closes #7313

- Adds `getSanitizedFileName` function to storage/base.js which replaces non A-Z0-9@. chacracters with -
- modifies /api/theme.js so that zip.shortName is consistent throughout.
This commit is contained in:
Hannah Wolfe 2016-09-14 18:24:28 +01:00 committed by Katharina Irrgang
parent 8d7254aca5
commit 43bcf5b374
3 changed files with 24 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
core/server/api/themes.js
View file

@ -25,11 +25,12 @@ themes = {
// consistent filename uploads
options.originalname = options.originalname.toLowerCase();
var zip = {
var storageAdapter = storage.getStorage('themes'),
zip = {
path: options.path,
name: options.originalname,
shortName: options.originalname.split('.zip')[0]
}, theme, storageAdapter = storage.getStorage('themes');
shortName: storageAdapter.getSanitizedFileName(options.originalname.split('.zip')[0])
}, theme;
// check if zip name is casper.zip
if (zip.name === 'casper.zip') {

10
core/server/storage/base.js
View file

@ -51,12 +51,18 @@ StorageBase.prototype.getUniqueFileName = function (store, image, targetDir) {
// poor extension validation
// .1 is not a valid extension
if (!ext.match(/.\d/)) {
name = path.basename(image.name, ext).replace(/[^\w@.]/gi, '-');
name = this.getSanitizedFileName(path.basename(image.name, ext));
return this.generateUnique(store, targetDir, name, ext, 0);
} else {
name = path.basename(image.name).replace(/[^\w@.]/gi, '-');
name = this.getSanitizedFileName(path.basename(image.name));
return this.generateUnique(store, targetDir, name, null, 0);
}
};
StorageBase.prototype.getSanitizedFileName = function getSanitizedFileName(fileName) {
// below only matches ascii characters, @, and .
// unicode filenames like город.zip would therefore resolve to ----.zip
return fileName.replace(/[^\w@.]/gi, '-');
};
module.exports = StorageBase;

12
core/test/unit/storage/base_spec.js Normal file
View file

@ -0,0 +1,12 @@
var should = require('should'),
storage = require('../../../server/storage');
// to stop jshint complaining
should.equal(true, true);
describe('storage: base_spec', function () {
it('escape non accepted characters in filenames', function () {
var chosenStorage = storage.getStorage('themes');
chosenStorage.getSanitizedFileName('(abc*@#123).zip').should.eql('-abc-@-123-.zip');
});
});