mirror of
https://invent.kde.org/network/falkon.git
synced 2024-12-24 04:36:34 +01:00
Fix not escaping characters for HTML directory listings
file: scheme handler is not currently used, this commit is mainly to close the pull request. Patch by philippwiesemann Closes #1712
This commit is contained in:
parent
cefe1bce54
commit
b817c19081
@ -170,7 +170,7 @@ QString FileSchemeReply::loadDirectory()
|
||||
QString page = sPage;
|
||||
QString title = request().url().toLocalFile();
|
||||
title.replace(QLatin1Char('/'), QDir::separator());
|
||||
page.replace(QLatin1String("%TITLE%"), tr("Index for %1").arg(title));
|
||||
page.replace(QLatin1String("%TITLE%"), tr("Index for %1").arg(title.toHtmlEscaped()));
|
||||
page.replace(QLatin1String("%CLICKABLE-TITLE%"), tr("Index for %1").arg(clickableSections(title)));
|
||||
|
||||
QString upDirDisplay = QLatin1String("none");
|
||||
@ -203,7 +203,7 @@ QString FileSchemeReply::loadDirectory()
|
||||
line += QLatin1String("<a href=\"");
|
||||
line += QUrl::fromLocalFile(info.absoluteFilePath()).toEncoded();
|
||||
line += QLatin1String("\">");
|
||||
line += info.fileName();
|
||||
line += info.fileName().toHtmlEscaped();
|
||||
line += QLatin1String("</a></td><td class=\"td-size\">");
|
||||
line += info.isDir() ? QString() : QzTools::fileSizeToString(info.size());
|
||||
line += QLatin1String("</td><td>");
|
||||
@ -245,7 +245,7 @@ QString FileSchemeReply::clickableSections(const QString &path)
|
||||
#ifndef Q_OS_WIN
|
||||
localFile.prepend(dirSeparator);
|
||||
#endif
|
||||
title += QString("<a href=\"%1\">%2</a>%3").arg(QUrl::fromLocalFile(localFile).toEncoded(), sections.at(i), dirSeparator);
|
||||
title += QString("<a href=\"%1\">%2</a>%3").arg(QUrl::fromLocalFile(localFile).toEncoded(), sections.at(i).toHtmlEscaped(), dirSeparator);
|
||||
}
|
||||
|
||||
return title;
|
||||
|
Loading…
Reference in New Issue
Block a user