#288 - Unable to view or delete an attachment with symbols in its name
Type Defect
Status Fixed
Milestone 3.0
Version 3.0
Component Tickets
Priority Normal
Severity Normal
Owner ihenry
Assigned to -
Reported 9 years ago
Updated 8 years ago
Votes 0
Related tickets
Proposed time
Worked time

What did you do to cause this?

Try to view an attachment with a space, !, bracket, comma, or other symbol in its name.

What page were you on?

/<project_slug>/tickets/<ticket_id>

What PHP and MySQL versions do you run?

PHP 5.4.7

MySQL 5.5.28

Describe the defect:

Attachments with only the characters a-z, A-Z, 0-9, -, _ and . work correctly. Attachments with other characters in their names can be uploaded, but cannot be viewed or deleted - a 404 page is returned.

Attachments

Ticket History

9 years and 9 months ago by ihenry

  • Attached traq-attachment-symbols.patch

This patch against git master removes the restrictions on attachment names in the routes for Attachments::view and Attachments::delete, the only character that is not allowed is a forward slash ('/'). It also URL-encodes the file names in attachment links, so attachments with names containing URL reserved characters such as '#' and '?' can be deleted.

Jack closed as Fixed 9 years and 8 months ago