We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit cbcb9b00 authored by Brion Vibber's avatar Brion Vibber

Fixes for Mac metadata files mucking up theme zip files

parent c24458a9
......@@ -192,6 +192,15 @@ class ThemeUploader
if (in_array(strtolower($ext), $skip)) {
return true;
}
if ($filename == '' || substr($filename, 0, 1) == '.') {
// Skip Unix-style hidden files
return true;
}
if ($filename == '__MACOSX') {
// Skip awful metadata files Mac OS X slips in for you.
// Thanks Apple!
return true;
}
return false;
}
......@@ -205,11 +214,13 @@ class ThemeUploader
protected function validateFileOrFolder($name)
{
if (!preg_match('/^[a-z0-9_\.-]+$/i', $name)) {
common_log(LOG_ERR, "Bad theme filename: $name");
$msg = _("Theme contains invalid file or folder name. " .
"Stick with ASCII letters, digits, underscore, and minus sign.");
throw new ClientException($msg);
}
if (preg_match('/\.(php|cgi|asp|aspx|js|vb)\w/i', $name)) {
common_log(LOG_ERR, "Unsafe theme filename: $name");
$msg = _("Theme contains unsafe file extension names; may be unsafe.");
throw new ClientException($msg);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment