Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
typo3
qfq
Commits
042f9da9
Commit
042f9da9
authored
Dec 02, 2019
by
Carsten Rose
Browse files
Fixes F9686: html decode and sanitize an export filename to become the 'save as'-filename
parent
b3b2d9b3
Pipeline
#2839
passed with stages
in 2 minutes and 51 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
extension/Classes/Core/Report/Link.php
View file @
042f9da9
...
...
@@ -28,6 +28,7 @@ use IMATHUZH\Qfq\Core\Helper\KeyValueStringParser;
use
IMATHUZH\Qfq\Core\Helper\OnArray
;
use
IMATHUZH\Qfq\Core\Helper\Support
;
use
IMATHUZH\Qfq\Core\Helper\Token
;
use
IMATHUZH\Qfq\Core\Helper\Sanitize
;
use
IMATHUZH\Qfq\Core\Store\Sip
;
use
IMATHUZH\Qfq\Core\Store\Store
;
...
...
@@ -1525,6 +1526,12 @@ EOF;
*/
private
function
buildDownload
(
$vars
,
$value
)
{
// By default, qfq saves everything HTML encoded. E.g. in form ''' - decode them back to regual UTF-8 text.
$filename
=
html_entity_decode
(
$vars
[
DOWNLOAD_EXPORT_FILENAME
],
ENT_QUOTES
|
ENT_XML1
,
'UTF-8'
);
// Remove unsafe characters.
$vars
[
DOWNLOAD_EXPORT_FILENAME
]
=
Sanitize
::
safeFilename
(
$filename
);
return
$vars
;
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment