Webdav: Invalid handling of files with '[' or ']' in file name #498

2016-02-01 16:23:47 +01:00 · 2016-02-01 16:23:47 +01:00 · 6b415536fa
commit 6b415536fa
parent 1359c8c324
3 changed files with 8 additions and 5 deletions
--- a/lib/redmine_dmsf/webdav/dmsf_resource.rb
+++ b/lib/redmine_dmsf/webdav/dmsf_resource.rb
@ -618,7 +618,7 @@ module RedmineDmsf
                lock_entity = lock.folder || lock.file
                lock_path = "#{request.scheme}://#{request.host}:#{request.port}#{path_prefix}#{URI.escape(lock_entity.project.identifier)}/"
                lock_path << lock_entity.dmsf_path.map {|x| URI.escape(x.respond_to?('name') ? x.name : x.title) }.join('/')
-                lock_path << "/" if lock_entity.is_a?(DmsfFolder) && lock_path[-1,1] != '/'
+                lock_path << '/' if lock_entity.is_a?(DmsfFolder) && lock_path[-1,1] != '/'
                doc.lockroot { doc.href lock_path }
                if (lock.user.id == User.current.id || User.current.allowed_to?(:force_file_unlock, self.project))
                  doc.locktoken { doc.href lock.uuid }
--- a/lib/redmine_dmsf/webdav/download.rb
+++ b/lib/redmine_dmsf/webdav/download.rb
@ -1,6 +1,9 @@
+# encoding: utf-8
+#
 # Redmine plugin for Document Management System "Features"
 #
 # Copyright (C) 2012   Daniel Munn <dan.munn@munnster.co.uk>
+# Copyright (C) 2011-16 Karel Pičman <karel.picman@kontron.com>
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@ -29,8 +32,8 @@ module RedmineDmsf
      end

      def _call(env)
-        unless ALLOWED_VERBS.include? env["REQUEST_METHOD"]
-          return fail(405, "Method Not Allowed")
+        unless ALLOWED_VERBS.include? env['REQUEST_METHOD']
+          return fail(405, 'Method Not Allowed')
        end

        available = begin
--- a/lib/redmine_dmsf/webdav/project_resource.rb
+++ b/lib/redmine_dmsf/webdav/project_resource.rb
@ -3,7 +3,7 @@
 # Redmine plugin for Document Management System "Features"
 #
 # Copyright (C) 2012    Daniel Munn <dan.munn@munnster.co.uk>
-# Copyright (C) 2011-14 Karel Pičman <karel.picman@kontron.com>
+# Copyright (C) 2011-16 Karel Pičman <karel.picman@kontron.com>
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@ -72,7 +72,7 @@ module RedmineDmsf
      end

      def content_type
-        "inode/directory"
+        'inode/directory'
      end

      def special_type