web: replace FILE links with /uri -based ones, to prevent an XSS attack against the...
authorBrian Warner <warner@allmydata.com>
Thu, 23 Aug 2007 00:35:01 +0000 (17:35 -0700)
committerBrian Warner <warner@allmydata.com>
Thu, 23 Aug 2007 00:35:01 +0000 (17:35 -0700)
src/allmydata/test/test_web.py
src/allmydata/webish.py

index 74fcec6d3948d73ddaee9312799b9f02898e37ea..6587d74ae5d5220df8473fdfa37d74043c9d055e 100644 (file)
@@ -646,7 +646,10 @@ class Web(WebMixin, unittest.TestCase):
         # the addSlash means we get a redirect here
         d = self.GET("/vdrive/global/foo", followRedirect=True)
         def _check(res):
-            self.failUnless(re.search(r'<td><a href="bar.txt">bar.txt</a></td>'
+            # the FILE reference points to a URI, but it should end in bar.txt
+            self.failUnless(re.search(r'<td>'
+                                      '<a href="[^"]+bar.txt">bar.txt</a>'
+                                      '</td>'
                                       '\s+<td>FILE</td>'
                                       '\s+<td>123</td>'
                                       , res))
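Review bot: The relaxed pattern on the two added lines no longer pins where the FILE link points: `[^"]+bar.txt` accepts any href that ends in bar.txt, so a regression back to a vdrive-relative path (say `foo/bar.txt`) would still pass, and the unescaped `.` matches any character. Anchoring the prefix this commit introduces makes the test guard the actual change: `'<a href="/uri/[^"]+bar\.txt">bar.txt</a>'`. Note that the pattern is concatenated from one raw literal and several non-raw ones; the `\s` escapes on the following context lines only survive because Python leaves unknown escape sequences intact, so making every fragment a raw string would be safer. The enclosing test method starts outside the hunk.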
index 76bcf8d48ec49d967ff62e132a949b4e9842fb32..52c5ffe3b2c5e1d93bd4d2138e4c64b4c4bcaf27 100644 (file)
@@ -167,22 +167,29 @@ class Directory(rend.Page):
         ctx.fillSlots("rename", rename)
 
         # build the base of the uri_link link url
-        uri_link = urllib.quote(target.get_uri().replace("/", "!"))
+        uri_link = "/uri/" + urllib.quote(target.get_uri().replace("/", "!"))
 
         if IFileNode.providedBy(target):
             # file
-            dlurl = urllib.quote(name)
+
+            # add the filename to the uri_link url
+            uri_link += '?%s' % (urllib.urlencode({'filename': name}),)
+
+            # to prevent javascript in displayed .html files from stealing a
+            # secret vdrive URI from the URL, send the browser to a URI-based
+            # page that doesn't know about the vdrive at all
+            #dlurl = urllib.quote(name)
+            dlurl = uri_link
+
             ctx.fillSlots("filename",
                           T.a(href=dlurl)[html.escape(name)])
             ctx.fillSlots("type", "FILE")
 
             ctx.fillSlots("size", target.get_size())
 
-            text_plain_link = "/uri/%s?filename=foo.txt" % uri_link
+            text_plain_link = uri_link + "?filename=foo.txt"
             text_plain_tag = T.a(href=text_plain_link)["text/plain"]
 
-            # if we're a file, add the filename to the uri_link url
-            uri_link += '?%s' % (urllib.urlencode({'filename': name}),)
 
         elif IDirectoryNode.providedBy(target):
             # directory
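Review bot: `text_plain_link = uri_link + "?filename=foo.txt"` is now computed after `uri_link += '?%s' % (urllib.urlencode({'filename': name}),)` has already appended a query string, so the text/plain link comes out as `/uri/<uri>?filename=bar.txt?filename=foo.txt` with two `?`; a typical query parser would treat everything after the first `?` as one `filename` value. Before this change the `?filename=` suffix was appended only after `text_plain_link` had been built (the removed lines at the end of the file branch), which is why it worked. Building the text/plain link from the bare `/uri/<quoted uri>` first fixes it: move `text_plain_link = uri_link + "?filename=foo.txt"` above the `uri_link += ...` line, or keep a separate `base_link` for the unparameterised URI. The commented-out `#dlurl = urllib.quote(name)` should be dropped now that the comment above it explains why the vdrive-relative link is no longer used. The enclosing method of `Directory` starts outside the hunk.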
@@ -202,7 +209,7 @@ class Directory(rend.Page):
         childdata = [T.a(href="%s?t=json" % name)["JSON"], ", ",
                      T.a(href="%s?t=uri" % name)["URI"], ", ",
                      T.a(href="%s?t=readonly-uri" % name)["readonly-URI"], ", ",
-                     T.a(href="/uri/%s" % uri_link)["URI-link"],
+                     T.a(href=uri_link)["URI-link"],
                      ]
         if text_plain_tag:
             childdata.extend([", ", text_plain_tag])