On Wednesday 17 February 2010 19:45:27 Evan Daniel wrote:
> On Wed, Feb 17, 2010 at 12:21 PM, Matthew Toseland
>
> <toad at amphibian.dyndns.org> wrote:
> > + private static final boolean operatingSystemIsWindows() { //
> > TODO: Move to the proper class + try {
> > + return
> > System.getProperty("os.name").toLowerCase().indexOf("win") >= 0; +
> > } catch(Throwable t) {
> > + return true; // :)
> > + }
> > + }
> >
> > IMHO this is dodgy, other OSs might have "win" in them. Normally we just
> > check if File.separator is "\".
> >
> > I am not convinced that the rest of the change is a good idea. For
> > example allowing HTML markup in filenames might combine with sloppy code
> > to cause problems. Allowing % in url's might again cause issues. Allowing
> > pipes, <>, and spaces might cause problems with filenames copied to a
> > shell. I guess it should depend on the configuration i.e. how paranoid
> > the user is.
>
> Similarly, as I've mentioned on IRC, I think we should take a set of
> characters that will work on all common OSes (modern Windows, Linux,
> OSX, BSDs) and filter to that regardless of host OS, and that we
> should filter both on upload and download. This would make it vastly
> simpler to have one person upload a file, and then have a second
> download it and re-upload it and produce the same key. Inserts of the
> same file that produce different keys is going to be a continuing
> problem in making file sharing work well. Obviously as long as we
> include the filename in the metadata it's not completely solvable, but
> we can at least try to avoid making the problem any worse.
I agree that we need re-inserts to work. It was one of my goals with the new
sanitizer: The old one removed very common characters such as brackets. And as
it is only being used when downloading files and not when inserting them,
people who have downloaded an affected file could not reinsert it without
renaming (which nobody will do).
However, we cannot have a strict list of forbidden characters which is applied
for all operating systems because some OS forbid very common and useful
characters: Windows for example does not allow the question mark "?" in
filenames. This sucks. What would be acceptable is to have a config option
"Remove problematic characters from filenames when downloading and uploading
files" and have it enabled by default. This should as the name says also change
the current behavior to also sanitize filenames before uploading.
I don't really know how to properly implement configuration options in fred but
I could write the sanitizing code ... maybe someone can implement the config
option for me?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20100217/7ab9417b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20100217/7ab9417b/attachment.pgp>
