diff options
author | Kevin Decherf <kevin@kdecherf.com> | 2019-01-07 23:50:08 +0100 |
---|---|---|
committer | Kevin Decherf <kevin@kdecherf.com> | 2019-01-08 15:13:35 +0100 |
commit | dac93644e8585cc6b2ea1a0409b11ed82bb8169d (patch) | |
tree | 6ac87a2f9e70f5ea2668e5d84e21dba5c85e2795 | |
parent | ad5ef8bca0c0321f348dcf402e0a20791eca3f4d (diff) | |
download | wallabag-dac93644e8585cc6b2ea1a0409b11ed82bb8169d.tar.gz wallabag-dac93644e8585cc6b2ea1a0409b11ed82bb8169d.tar.zst wallabag-dac93644e8585cc6b2ea1a0409b11ed82bb8169d.zip |
EntriesExport: sanitize filename and fix tests
Filename will now only use a-zA-Z0-9-' and space.
Fixes remaining filename issue on #3811
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
-rw-r--r-- | src/Wallabag/CoreBundle/Helper/EntriesExport.php | 28 | ||||
-rw-r--r-- | tests/Wallabag/CoreBundle/Controller/ExportControllerTest.php | 11 |
2 files changed, 26 insertions, 13 deletions
diff --git a/src/Wallabag/CoreBundle/Helper/EntriesExport.php b/src/Wallabag/CoreBundle/Helper/EntriesExport.php index 1debdf8e..1a611199 100644 --- a/src/Wallabag/CoreBundle/Helper/EntriesExport.php +++ b/src/Wallabag/CoreBundle/Helper/EntriesExport.php | |||
@@ -223,7 +223,7 @@ class EntriesExport | |||
223 | [ | 223 | [ |
224 | 'Content-Description' => 'File Transfer', | 224 | 'Content-Description' => 'File Transfer', |
225 | 'Content-type' => 'application/epub+zip', | 225 | 'Content-type' => 'application/epub+zip', |
226 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.epub"', | 226 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.epub"', |
227 | 'Content-Transfer-Encoding' => 'binary', | 227 | 'Content-Transfer-Encoding' => 'binary', |
228 | ] | 228 | ] |
229 | ); | 229 | ); |
@@ -265,9 +265,6 @@ class EntriesExport | |||
265 | } | 265 | } |
266 | $mobi->setContentProvider($content); | 266 | $mobi->setContentProvider($content); |
267 | 267 | ||
268 | // the browser inside Kindle Devices doesn't likes special caracters either, we limit to A-z/0-9 | ||
269 | $this->title = preg_replace('/[^A-Za-z0-9\-]/', '', $this->title); | ||
270 | |||
271 | return Response::create( | 268 | return Response::create( |
272 | $mobi->toString(), | 269 | $mobi->toString(), |
273 | 200, | 270 | 200, |
@@ -275,7 +272,7 @@ class EntriesExport | |||
275 | 'Accept-Ranges' => 'bytes', | 272 | 'Accept-Ranges' => 'bytes', |
276 | 'Content-Description' => 'File Transfer', | 273 | 'Content-Description' => 'File Transfer', |
277 | 'Content-type' => 'application/x-mobipocket-ebook', | 274 | 'Content-type' => 'application/x-mobipocket-ebook', |
278 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.mobi"', | 275 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.mobi"', |
279 | 'Content-Transfer-Encoding' => 'binary', | 276 | 'Content-Transfer-Encoding' => 'binary', |
280 | ] | 277 | ] |
281 | ); | 278 | ); |
@@ -348,7 +345,7 @@ class EntriesExport | |||
348 | [ | 345 | [ |
349 | 'Content-Description' => 'File Transfer', | 346 | 'Content-Description' => 'File Transfer', |
350 | 'Content-type' => 'application/pdf', | 347 | 'Content-type' => 'application/pdf', |
351 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.pdf"', | 348 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.pdf"', |
352 | 'Content-Transfer-Encoding' => 'binary', | 349 | 'Content-Transfer-Encoding' => 'binary', |
353 | ] | 350 | ] |
354 | ); | 351 | ); |
@@ -394,7 +391,7 @@ class EntriesExport | |||
394 | 200, | 391 | 200, |
395 | [ | 392 | [ |
396 | 'Content-type' => 'application/csv', | 393 | 'Content-type' => 'application/csv', |
397 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.csv"', | 394 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.csv"', |
398 | 'Content-Transfer-Encoding' => 'UTF-8', | 395 | 'Content-Transfer-Encoding' => 'UTF-8', |
399 | ] | 396 | ] |
400 | ); | 397 | ); |
@@ -412,7 +409,7 @@ class EntriesExport | |||
412 | 200, | 409 | 200, |
413 | [ | 410 | [ |
414 | 'Content-type' => 'application/json', | 411 | 'Content-type' => 'application/json', |
415 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.json"', | 412 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.json"', |
416 | 'Content-Transfer-Encoding' => 'UTF-8', | 413 | 'Content-Transfer-Encoding' => 'UTF-8', |
417 | ] | 414 | ] |
418 | ); | 415 | ); |
@@ -430,7 +427,7 @@ class EntriesExport | |||
430 | 200, | 427 | 200, |
431 | [ | 428 | [ |
432 | 'Content-type' => 'application/xml', | 429 | 'Content-type' => 'application/xml', |
433 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.xml"', | 430 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.xml"', |
434 | 'Content-Transfer-Encoding' => 'UTF-8', | 431 | 'Content-Transfer-Encoding' => 'UTF-8', |
435 | ] | 432 | ] |
436 | ); | 433 | ); |
@@ -456,7 +453,7 @@ class EntriesExport | |||
456 | 200, | 453 | 200, |
457 | [ | 454 | [ |
458 | 'Content-type' => 'text/plain', | 455 | 'Content-type' => 'text/plain', |
459 | 'Content-Disposition' => 'attachment; filename="' . $this->title . '.txt"', | 456 | 'Content-Disposition' => 'attachment; filename="' . $this->getSanitizedFilename() . '.txt"', |
460 | 'Content-Transfer-Encoding' => 'UTF-8', | 457 | 'Content-Transfer-Encoding' => 'UTF-8', |
461 | ] | 458 | ] |
462 | ); | 459 | ); |
@@ -499,4 +496,15 @@ class EntriesExport | |||
499 | 496 | ||
500 | return str_replace('%IMAGE%', '', $info); | 497 | return str_replace('%IMAGE%', '', $info); |
501 | } | 498 | } |
499 | |||
500 | /** | ||
501 | * Return a sanitized version of the title by applying translit iconv | ||
502 | * and removing non alphanumeric characters, - and space. | ||
503 | * | ||
504 | * @return string Sanitized filename | ||
505 | */ | ||
506 | private function getSanitizedFilename() | ||
507 | { | ||
508 | return preg_replace('/[^A-Za-z0-9\- \']/', '', iconv('utf-8', 'us-ascii//TRANSLIT', $this->title)); | ||
509 | } | ||
502 | } | 510 | } |
diff --git a/tests/Wallabag/CoreBundle/Controller/ExportControllerTest.php b/tests/Wallabag/CoreBundle/Controller/ExportControllerTest.php index 6f3308e5..0c3d4c83 100644 --- a/tests/Wallabag/CoreBundle/Controller/ExportControllerTest.php +++ b/tests/Wallabag/CoreBundle/Controller/ExportControllerTest.php | |||
@@ -98,7 +98,7 @@ class ExportControllerTest extends WallabagCoreTestCase | |||
98 | 98 | ||
99 | $headers = $client->getResponse()->headers; | 99 | $headers = $client->getResponse()->headers; |
100 | $this->assertSame('application/x-mobipocket-ebook', $headers->get('content-type')); | 100 | $this->assertSame('application/x-mobipocket-ebook', $headers->get('content-type')); |
101 | $this->assertSame('attachment; filename="' . preg_replace('/[^A-Za-z0-9\-]/', '', $content->getTitle()) . '.mobi"', $headers->get('content-disposition')); | 101 | $this->assertSame('attachment; filename="' . $this->getSanitizedFilename($content->getTitle()) . '.mobi"', $headers->get('content-disposition')); |
102 | $this->assertSame('binary', $headers->get('content-transfer-encoding')); | 102 | $this->assertSame('binary', $headers->get('content-transfer-encoding')); |
103 | } | 103 | } |
104 | 104 | ||
@@ -126,7 +126,7 @@ class ExportControllerTest extends WallabagCoreTestCase | |||
126 | 126 | ||
127 | $headers = $client->getResponse()->headers; | 127 | $headers = $client->getResponse()->headers; |
128 | $this->assertSame('application/pdf', $headers->get('content-type')); | 128 | $this->assertSame('application/pdf', $headers->get('content-type')); |
129 | $this->assertSame('attachment; filename="Tag_entries articles.pdf"', $headers->get('content-disposition')); | 129 | $this->assertSame('attachment; filename="Tag foo bar articles.pdf"', $headers->get('content-disposition')); |
130 | $this->assertSame('binary', $headers->get('content-transfer-encoding')); | 130 | $this->assertSame('binary', $headers->get('content-transfer-encoding')); |
131 | } | 131 | } |
132 | 132 | ||
@@ -212,7 +212,7 @@ class ExportControllerTest extends WallabagCoreTestCase | |||
212 | 212 | ||
213 | $headers = $client->getResponse()->headers; | 213 | $headers = $client->getResponse()->headers; |
214 | $this->assertSame('application/json', $headers->get('content-type')); | 214 | $this->assertSame('application/json', $headers->get('content-type')); |
215 | $this->assertSame('attachment; filename="' . $contentInDB->getTitle() . '.json"', $headers->get('content-disposition')); | 215 | $this->assertSame('attachment; filename="' . $this->getSanitizedFilename($contentInDB->getTitle()) . '.json"', $headers->get('content-disposition')); |
216 | $this->assertSame('UTF-8', $headers->get('content-transfer-encoding')); | 216 | $this->assertSame('UTF-8', $headers->get('content-transfer-encoding')); |
217 | 217 | ||
218 | $content = json_decode($client->getResponse()->getContent(), true); | 218 | $content = json_decode($client->getResponse()->getContent(), true); |
@@ -281,4 +281,9 @@ class ExportControllerTest extends WallabagCoreTestCase | |||
281 | $this->assertNotEmpty('created_at', (string) $content->entry[0]->created_at); | 281 | $this->assertNotEmpty('created_at', (string) $content->entry[0]->created_at); |
282 | $this->assertNotEmpty('updated_at', (string) $content->entry[0]->updated_at); | 282 | $this->assertNotEmpty('updated_at', (string) $content->entry[0]->updated_at); |
283 | } | 283 | } |
284 | |||
285 | private function getSanitizedFilename($title) | ||
286 | { | ||
287 | return preg_replace('/[^A-Za-z0-9\- \']/', '', iconv('utf-8', 'us-ascii//TRANSLIT', $title)); | ||
288 | } | ||
284 | } | 289 | } |