Daniel Brötzmann pushed to branch sanitize-filenames at gajim / gajim
Commits: a1638def by wurstsalat at 2022-08-26T08:53:08+02:00 fix: Preview: Sanitize filename from disallowed chars Fixes #11105 - - - - - 2 changed files: - gajim/common/helpers.py - gajim/common/preview_helpers.py Changes: ===================================== gajim/common/helpers.py ===================================== @@ -358,26 +358,45 @@ def get_file_path_from_dnd_dropped_uri(uri: str) -> str: def sanitize_filename(filename: str) -> str: ''' - Make sure the filename we will write does contain only acceptable and latin - characters, and is not too long (in that case hash it) + Sanitize filename of elements not allowed on Windows + https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file ''' - # 48 is the limit - if len(filename) > 48: - hash_ = hashlib.md5(filename.encode('utf-8')) - filename = base64.b64encode(hash_.digest()).decode('utf-8') - - # make it latin chars only - filename = punycode_encode(filename).decode('utf-8') - filename = filename.replace('/', '_') - if os.name == 'nt': - filename = filename.replace('?', '_')\ - .replace(':', '_')\ - .replace('\\', '_')\ - .replace('"', "'")\ - .replace('|', '_')\ - .replace('*', '_')\ - .replace('<', '_')\ - .replace('>', '_') + disallowed_chars = [ + '<', + '>', + ':', + '"', + '/', + '\\', + '|', + '?', + '*', + '..', + 'CON', + 'PRN', + 'AUX', + 'NUL', + 'COM1', + 'COM2', + 'COM3', + 'COM4', + 'COM5', + 'COM6', + 'COM7', + 'COM8', + 'COM9', + 'LPT1', + 'LPT2', + 'LPT3', + 'LPT4', + 'LPT5', + 'LPT6', + 'LPT7', + 'LPT8', + 'LPT9', + ] + for char in disallowed_chars: + filename = filename.replace(char, '_') return filename ===================================== gajim/common/preview_helpers.py ===================================== @@ -45,6 +45,7 @@ from cryptography.hazmat.primitives.ciphers import algorithms from cryptography.hazmat.primitives.ciphers.modes import GCM +from gajim.common.helpers import sanitize_filename from gajim.common.i18n import _ log = logging.getLogger('gajim.c.preview_helpers') @@ -315,6 +316,8 @@ def get_image_paths(uri: str, # so the filename should not exceed 90 web_stem = web_stem[:90] + web_stem = sanitize_filename(web_stem) + name_hash = hashlib.sha1(str(uri).encode()).hexdigest() orig_filename = f'{web_stem}_{name_hash}{extension}' View it on GitLab: https://dev.gajim.org/gajim/gajim/-/commit/a1638def1b0c96ec82c83800ea20f4eccdcd83cd -- View it on GitLab: https://dev.gajim.org/gajim/gajim/-/commit/a1638def1b0c96ec82c83800ea20f4eccdcd83cd You're receiving this email because of your account on dev.gajim.org.
_______________________________________________ Commits mailing list Commits@gajim.org https://lists.gajim.org/cgi-bin/listinfo/commits