mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-19 01:42:20 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

url escaping

Browse source
This commit is contained in:
ed 2021-09-26 16:59:02 +02:00
parent 2fd99f807d
commit 5886a42901
7 changed files with 23 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
copyparty/httpcli.py
View file

@ -1782,7 +1782,7 @@ class HttpCli(object):
if filt and filt not in vp: if filt and filt not in vp:
continue continue
ret.append({"vp": vp, "sz": sz, "at": at}) ret.append({"vp": quotep(vp), "sz": sz, "at": at})
if len(ret) > 3000: if len(ret) > 3000:
ret.sort(key=lambda x: x["at"], reverse=True) ret.sort(key=lambda x: x["at"], reverse=True)
ret = ret[:2000] ret = ret[:2000]

10
copyparty/u2idx.py
View file

@ -8,7 +8,7 @@ import threading
from datetime import datetime from datetime import datetime
from .__init__ import ANYWIN, unicode from .__init__ import ANYWIN, unicode
from .util import absreal, s3dec, Pebkac, min_ex, gen_filekey from .util import absreal, s3dec, Pebkac, min_ex, gen_filekey, quotep
from .bos import bos from .bos import bos
from .up2k import up2k_wark_from_hashlist from .up2k import up2k_wark_from_hashlist
@ -253,21 +253,23 @@ class U2idx(object):
if rd.startswith("//") or fn.startswith("//"): if rd.startswith("//") or fn.startswith("//"):
rd, fn = s3dec(rd, fn) rd, fn = s3dec(rd, fn)
if fk: if not fk:
suf = ""
else:
try: try:
ap = absreal(os.path.join(ptop, rd, fn)) ap = absreal(os.path.join(ptop, rd, fn))
inf = bos.stat(ap) inf = bos.stat(ap)
except: except:
continue continue
fn += ( suf = (
"?k=" "?k="
+ gen_filekey( + gen_filekey(
self.args.fk_salt, ap, sz, 0 if ANYWIN else inf.st_ino self.args.fk_salt, ap, sz, 0 if ANYWIN else inf.st_ino
)[:fk] )[:fk]
) )
rp = "/".join([x for x in [vtop, rd, fn] if x]) rp = quotep("/".join([x for x in [vtop, rd, fn] if x])) + suf
sret.append({"ts": int(ts), "sz": sz, "rp": rp, "w": w[:16]}) sret.append({"ts": int(ts), "sz": sz, "rp": rp, "w": w[:16]})
for hit in sret: for hit in sret:

6
copyparty/up2k.py
View file

@ -27,6 +27,7 @@ from .util import (
sanitize_fn, sanitize_fn,
ren_open, ren_open,
atomic_move, atomic_move,
quotep,
vsplit, vsplit,
s3enc, s3enc,
s3dec, s3dec,
@ -1172,7 +1173,7 @@ class Up2k(object):
if job["need"]: if job["need"]:
self.log("unfinished:\n {0}\n {1}".format(src, dst)) self.log("unfinished:\n {0}\n {1}".format(src, dst))
err = "partial upload exists at a different location; please resume uploading here instead:\n" err = "partial upload exists at a different location; please resume uploading here instead:\n"
err += "/" + vsrc + " " err += "/" + quotep(vsrc) + " "
dupe = [cj["prel"], cj["name"]] dupe = [cj["prel"], cj["name"]]
try: try:
@ -1184,7 +1185,8 @@ class Up2k(object):
elif "nodupe" in self.flags[job["ptop"]]: elif "nodupe" in self.flags[job["ptop"]]:
self.log("dupe-reject:\n {0}\n {1}".format(src, dst)) self.log("dupe-reject:\n {0}\n {1}".format(src, dst))
err = "upload rejected, file already exists:\n/" + vsrc + " " err = "upload rejected, file already exists:\n"
err += "/" + quotep(vsrc) + " "
raise Pebkac(400, err) raise Pebkac(400, err)
else: else:
# symlink to the client-provided name, # symlink to the client-provided name,

3
copyparty/web/browser.css
View file

@ -1964,7 +1964,8 @@ html.light #u2foot .warn span {
background: #900; background: #900;
border-color: #d06; border-color: #d06;
} }
#u2tab a>span { #u2tab a>span,
#unpost a>span {
font-weight: bold; font-weight: bold;
font-style: italic; font-style: italic;
color: #fff; color: #fff;

4
copyparty/web/browser.js
View file

@ -2954,7 +2954,7 @@ document.onkeydown = function (e) {
var r = res.hits[a], var r = res.hits[a],
ts = parseInt(r.ts), ts = parseInt(r.ts),
sz = esc(r.sz + ''), sz = esc(r.sz + ''),
rp = esc(r.rp + ''), rp = esc(uricom_dec(r.rp + '')[0]),
ext = rp.lastIndexOf('.') > 0 ? rp.split('.').slice(-1)[0] : '%', ext = rp.lastIndexOf('.') > 0 ? rp.split('.').slice(-1)[0] : '%',
links = linksplit(r.rp + ''); links = linksplit(r.rp + '');
@ -4348,7 +4348,6 @@ var unpost = (function () {
} }
ct.onclick = function (e) { ct.onclick = function (e) {
ev(e);
var tgt = e.target.closest('a[me]'); var tgt = e.target.closest('a[me]');
if (!tgt) if (!tgt)
return; return;
@ -4356,6 +4355,7 @@ var unpost = (function () {
if (!tgt.getAttribute('href')) if (!tgt.getAttribute('href'))
return; return;
ev(e);
var ame = tgt.getAttribute('me'); var ame = tgt.getAttribute('me');
if (ame != r.me) if (ame != r.me)
return toast.err(0, 'something broke, please try a refresh'); return toast.err(0, 'something broke, please try a refresh');

5
copyparty/web/up2k.js
View file

@ -939,7 +939,7 @@ function up2k_init(subtle) {
pvis.addfile([ pvis.addfile([
uc.fsearch ? esc(entry.name) : linksplit( uc.fsearch ? esc(entry.name) : linksplit(
uricom_dec(entry.purl)[0] + entry.name).join(' '), entry.purl + uricom_enc(entry.name)).join(' '),
'📐 hash', '📐 hash',
'' ''
], fobj.size, draw_each); ], fobj.size, draw_each);
@ -1137,6 +1137,7 @@ function up2k_init(subtle) {
for (var a = 0; a < st.files.length; a++) { for (var a = 0; a < st.files.length; a++) {
var t = st.files[a]; var t = st.files[a];
if (t.want_recheck) { if (t.want_recheck) {
t.rechecks++;
t.want_recheck = false; t.want_recheck = false;
push_t(st.todo.handshake, t); push_t(st.todo.handshake, t);
} }
@ -1571,7 +1572,7 @@ function up2k_init(subtle) {
console.log("server-rename [" + t.purl + "] [" + t.name + "] to [" + rsp_purl + "] [" + response.name + "]"); console.log("server-rename [" + t.purl + "] [" + t.name + "] to [" + rsp_purl + "] [" + response.name + "]");
t.purl = rsp_purl; t.purl = rsp_purl;
t.name = response.name; t.name = response.name;
pvis.seth(t.n, 0, linksplit(uricom_dec(t.purl)[0] + t.name).join(' ')); pvis.seth(t.n, 0, linksplit(t.purl + uricom_enc(t.name)).join(' '));
} }
var chunksize = get_chunksize(t.size), var chunksize = get_chunksize(t.size),

10
copyparty/web/util.js
View file

@ -400,19 +400,17 @@ function linksplit(rp) {
link = rp.slice(0, ofs + 1); link = rp.slice(0, ofs + 1);
rp = rp.slice(ofs + 1); rp = rp.slice(ofs + 1);
} }
var vlink = esc(link), var vlink = esc(uricom_dec(link)[0]);
elink = uricom_enc(link);
if (link.indexOf('/') !== -1) { if (link.indexOf('/') !== -1) {
vlink = vlink.slice(0, -1) + '<span>/</span>'; vlink = vlink.slice(0, -1) + '<span>/</span>';
elink = elink.slice(0, -3) + '/';
} }
if (!rp && q) if (!rp && q)
elink += q; link += q;
ret.push('<a href="' + apath + elink + '">' + vlink + '</a>'); ret.push('<a href="' + apath + link + '">' + vlink + '</a>');
apath += elink; apath += link;
} }
return ret; return ret;
} }