Commit 542bbd0a by Bach Dániel

Merge branch 'issue-331' into 'master'

Encode url params in store

#331

See merge request !250
parents 69fb6219 938f05dc
...@@ -4,23 +4,23 @@ ...@@ -4,23 +4,23 @@
<div class="list-group-item"> <div class="list-group-item">
<div class="row"> <div class="row">
<div class="col-sm-6"> <div class="col-sm-6">
<a href="{% url "dashboard.views.store-upload"%}?directory={{ current }}" <a href="{% url "dashboard.views.store-upload"%}?directory={{ current|urlencode }}"
class="btn btn-info btn-xs js-hidden"> class="btn btn-info btn-xs js-hidden">
{% trans "Upload" %} {% trans "Upload" %}
</a> </a>
<form action="" data-action="{% url "dashboard.views.store-upload-url" %}" <form action="" data-action="{% url "dashboard.views.store-upload-url" %}"
method="POST" enctype="multipart/form-data" class="no-js-hidden" method="POST" enctype="multipart/form-data" class="no-js-hidden"
id="store-upload-form"> id="store-upload-form">
{% csrf_token %} {% csrf_token %}
<input type="hidden" name="current_dir" value="{{ current }}"/> <input type="hidden" name="current_dir" value="{{ current|urlencode }}"/>
<input type="hidden" name="next" value="{{ next_url }}"/> <input type="hidden" name="next" value="{{ next_url }}"/>
<div class="input-group" style="max-width: 350px;"> <div class="input-group" style="max-width: 350px;">
<span class="input-group-btn" id="store-upload-browse"> <span class="input-group-btn" id="store-upload-browse">
<span class="btn btn-primary btn-xs"> <span class="btn btn-primary btn-xs">
{% trans "Browse..." %} {% trans "Browse..." %}
</span> </span>
</span> </span>
<input type="text" class="form-control input-tags" <input type="text" class="form-control input-tags"
id="store-upload-filename"/> id="store-upload-filename"/>
<span class="input-group-btn"> <span class="input-group-btn">
<button type="submit" class="btn btn-primary btn-xs" disabled> <button type="submit" class="btn btn-primary btn-xs" disabled>
...@@ -33,13 +33,13 @@ ...@@ -33,13 +33,13 @@
</div><!-- .col-sm-6 upload --> </div><!-- .col-sm-6 upload -->
<div class="col-sm-6"> <div class="col-sm-6">
<a href="{% url "dashboard.views.store-remove" %}?path={{ current }}" <a href="{% url "dashboard.views.store-remove" %}?path={{ current|urlencode }}"
class="btn btn-danger btn-xs pull-right store-action-button" class="btn btn-danger btn-xs pull-right store-action-button"
title="{% trans "Remove directory" %}"> title="{% trans "Remove directory" %}">
<i class="fa fa-times"></i> <i class="fa fa-times"></i>
</a> </a>
<a href="{% url "dashboard.views.store-download" %}?path={{ current }}" <a href="{% url "dashboard.views.store-download" %}?path={{ current|urlencode }}"
class="btn btn-primary btn-xs pull-right store-action-button" class="btn btn-primary btn-xs pull-right store-action-button"
title="{% trans "Download directory" %}"> title="{% trans "Download directory" %}">
<i class="fa fa-cloud-download"></i> <i class="fa fa-cloud-download"></i>
</a> </a>
...@@ -51,7 +51,7 @@ ...@@ -51,7 +51,7 @@
<span class="input-group-addon input-tags" title="{% trans "New directory" %}"> <span class="input-group-addon input-tags" title="{% trans "New directory" %}">
<i class="fa fa-folder-open"></i> <i class="fa fa-folder-open"></i>
</span> </span>
<input type="text" class="form-control input-tags" name="name" <input type="text" class="form-control input-tags" name="name"
placeholder="{% trans "Name "%}" required/> placeholder="{% trans "Name "%}" required/>
<span class="input-group-btn"> <span class="input-group-btn">
<input type="submit" class="btn btn-success btn-xs" value="{% trans "Create" %}"/> <input type="submit" class="btn btn-success btn-xs" value="{% trans "Create" %}"/>
...@@ -64,7 +64,7 @@ ...@@ -64,7 +64,7 @@
</div><!-- .list-group --> </div><!-- .list-group -->
<div class="list-group" id="store-list-list"> <div class="list-group" id="store-list-list">
<a href="{% url "dashboard.views.store-list" %}?directory={{ up_url }}" <a href="{% url "dashboard.views.store-list" %}?directory={{ up_url|urlencode }}"
class="list-group-item store-list-item" data-item-type="D"> class="list-group-item store-list-item" data-item-type="D">
{% if current == "/" %} {% if current == "/" %}
<div class="store-list-item-icon"> <div class="store-list-item-icon">
...@@ -85,8 +85,8 @@ ...@@ -85,8 +85,8 @@
{% for f in root %} {% for f in root %}
<a class="list-group-item store-list-item" data-item-type="{{ f.TYPE }}" <a class="list-group-item store-list-item" data-item-type="{{ f.TYPE }}"
href="{% if f.TYPE == "D" %}{% url "dashboard.views.store-list" %}?directory={{ f.path }}{% else %} href="{% if f.TYPE == "D" %}{% url "dashboard.views.store-list" %}?directory={{ f.path|urlencode }}{% else %}
{% url "dashboard.views.store-download" %}?path={{ f.path }}{% endif %}" {% url "dashboard.views.store-download" %}?path={{ f.path|urlencode }}{% endif %}"
> >
<div class="store-list-item-icon"> <div class="store-list-item-icon">
<i class=" <i class="
...@@ -101,7 +101,7 @@ ...@@ -101,7 +101,7 @@
<span class="badge badge-pulse">{% trans "new" %}</span> <span class="badge badge-pulse">{% trans "new" %}</span>
{% endif %} {% endif %}
</div> </div>
<div class="store-list-item-size"> <div class="store-list-item-size">
{{ f.human_readable_size }} {{ f.human_readable_size }}
</div> </div>
...@@ -122,12 +122,12 @@ ...@@ -122,12 +122,12 @@
</dl> </dl>
</div> </div>
<div class="col-sm-2" style="text-align: right;"> <div class="col-sm-2" style="text-align: right;">
<a href="{% url "dashboard.views.store-download" %}?path={{ f.path }}" <a href="{% url "dashboard.views.store-download" %}?path={{ f.path|urlencode }}"
class="btn btn-primary btn-sm store-download-button"> class="btn btn-primary btn-sm store-download-button">
<i class="fa fa-download"></i> <i class="fa fa-download"></i>
{% trans "Download" %} {% trans "Download" %}
</a> </a>
<a href="{% url "dashboard.views.store-remove" %}?path={{ f.path }}" <a href="{% url "dashboard.views.store-remove" %}?path={{ f.path|urlencode }}"
class="btn btn-danger btn-xs store-remove-button"> class="btn btn-danger btn-xs store-remove-button">
<i class="fa fa-times"></i> <i class="fa fa-times"></i>
{% trans "Remove" %} {% trans "Remove" %}
......
...@@ -23,6 +23,7 @@ from os.path import join, normpath, dirname, basename ...@@ -23,6 +23,7 @@ from os.path import join, normpath, dirname, basename
from django.conf import settings from django.conf import settings
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.template.defaultfilters import urlencode
from django.core.cache import get_cache from django.core.cache import get_cache
from django.core.exceptions import SuspiciousOperation from django.core.exceptions import SuspiciousOperation
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
...@@ -55,7 +56,7 @@ class StoreList(LoginRequiredMixin, TemplateView): ...@@ -55,7 +56,7 @@ class StoreList(LoginRequiredMixin, TemplateView):
context['current'] = directory context['current'] = directory
context['next_url'] = "%s%s?directory=%s" % ( context['next_url'] = "%s%s?directory=%s" % (
settings.DJANGO_URL.rstrip("/"), settings.DJANGO_URL.rstrip("/"),
reverse("dashboard.views.store-list"), directory) reverse("dashboard.views.store-list"), urlencode(directory))
return context return context
def get(self, *args, **kwargs): def get(self, *args, **kwargs):
...@@ -112,7 +113,7 @@ def store_upload(request): ...@@ -112,7 +113,7 @@ def store_upload(request):
next_url = "%s%s?directory=%s" % ( next_url = "%s%s?directory=%s" % (
settings.DJANGO_URL.rstrip("/"), settings.DJANGO_URL.rstrip("/"),
reverse("dashboard.views.store-list"), directory) reverse("dashboard.views.store-list"), urlencode(directory))
return render(request, "dashboard/store/upload.html", return render(request, "dashboard/store/upload.html",
{'directory': directory, 'action': action, {'directory': directory, 'action': action,
...@@ -168,7 +169,7 @@ class StoreRemove(LoginRequiredMixin, TemplateView): ...@@ -168,7 +169,7 @@ class StoreRemove(LoginRequiredMixin, TemplateView):
return redirect("%s?directory=%s" % ( return redirect("%s?directory=%s" % (
reverse("dashboard.views.store-list"), reverse("dashboard.views.store-list"),
dirname(dirname(path)), urlencode(dirname(dirname(path))),
)) ))
...@@ -185,7 +186,7 @@ def store_new_directory(request): ...@@ -185,7 +186,7 @@ def store_new_directory(request):
name, path, unicode(request.user)) name, path, unicode(request.user))
messages.error(request, _("Unable to create folder.")) messages.error(request, _("Unable to create folder."))
return redirect("%s?directory=%s" % ( return redirect("%s?directory=%s" % (
reverse("dashboard.views.store-list"), path)) reverse("dashboard.views.store-list"), urlencode(path)))
@require_POST @require_POST
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment