Sanitize filenames before using in Content-Disposition header
@@ -343,6 +343,7 @@ if (!$save_on_server) {
|
|||||||
// (avoid rewriting data containing HTML with anchors and forms;
|
// (avoid rewriting data containing HTML with anchors and forms;
|
||||||
// this was reported to happen under Plesk)
|
// this was reported to happen under Plesk)
|
||||||
@ini_set('url_rewriter.tags','');
|
@ini_set('url_rewriter.tags','');
|
||||||
|
$filename = PMA_sanitize_filename($filename);
|
||||||
|
|
||||||
header('Content-Type: ' . $mime_type);
|
header('Content-Type: ' . $mime_type);
|
||||||
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
||||||
|
@@ -86,4 +86,22 @@ function PMA_sanitize($message, $escape = false, $safe = false)
|
|||||||
|
|
||||||
return $message;
|
return $message;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sanitize a filename by removing anything besides A-Za-z0-9_.-
|
||||||
|
*
|
||||||
|
* Intended usecase:
|
||||||
|
* When using a filename in a Content-Disposition header the value should not contain ; or "
|
||||||
|
*
|
||||||
|
* @param string The filename
|
||||||
|
*
|
||||||
|
* @return string the sanitized filename
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
function PMA_sanitize_filename($filename) {
|
||||||
|
$filename = preg_replace('/[^A-Za-z0-9_.-]/', '_', $filename);
|
||||||
|
return $filename;
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
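Review bot: The docblock of the new `PMA_sanitize_filename` has `@param string The filename` without the parameter name; it should read `@param string $filename The filename`, and the empty ` *` line before ` */` can be dropped. It is also worth documenting that the replacement is byte-wise: every byte outside `A-Za-z0-9_.-`, including each byte of a multibyte UTF-8 character, becomes `_`, so a table named in a non-Latin script downloads as a run of underscores, and a caller that wants the original name would have to add an RFC 5987 `filename*` parameter on its own. For the stated purpose the function is sound, since `;`, `"`, CR and LF are all outside the allowed set.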
@@ -173,6 +173,7 @@ class PMA_DIA extends XMLWriter
|
|||||||
if(ob_get_clean()){
|
if(ob_get_clean()){
|
||||||
ob_end_clean();
|
ob_end_clean();
|
||||||
}
|
}
|
||||||
|
$fileName = PMA_sanitize_filename($fileName);
|
||||||
header('Content-type: application/x-dia-diagram');
|
header('Content-type: application/x-dia-diagram');
|
||||||
header('Content-Disposition: attachment; filename="'.$fileName.'.dia"');
|
header('Content-Disposition: attachment; filename="'.$fileName.'.dia"');
|
||||||
$output = $this->flush();
|
$output = $this->flush();
|
||||||
|
@@ -336,6 +336,7 @@ class PMA_EPS
|
|||||||
// if(ob_get_clean()){
|
// if(ob_get_clean()){
|
||||||
//ob_end_clean();
|
//ob_end_clean();
|
||||||
//}
|
//}
|
||||||
|
$fileName = PMA_sanitize_filename($fileName);
|
||||||
header('Content-type: image/x-eps');
|
header('Content-type: image/x-eps');
|
||||||
header('Content-Disposition: attachment; filename="'.$fileName.'.eps"');
|
header('Content-Disposition: attachment; filename="'.$fileName.'.eps"');
|
||||||
$output = $this->stringCommands;
|
$output = $this->stringCommands;
|
||||||
|
@@ -1075,6 +1075,8 @@ class PMA_Pdf_Relation_Schema extends PMA_Export_Relation_Schema
|
|||||||
if (empty($filename)) {
|
if (empty($filename)) {
|
||||||
$filename = $pageNumber . '.pdf';
|
$filename = $pageNumber . '.pdf';
|
||||||
}
|
}
|
||||||
|
$fileName = PMA_sanitize_filename($fileName);
|
||||||
|
|
||||||
// instead of $pdf->Output():
|
// instead of $pdf->Output():
|
||||||
$pdfData = $pdf->getPDFData();
|
$pdfData = $pdf->getPDFData();
|
||||||
header('Content-Type: application/pdf');
|
header('Content-Type: application/pdf');
|
||||||
|
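Review bot: The added `$fileName = PMA_sanitize_filename($fileName);` uses a different variable from the `$filename` that the surrounding context lines populate (`if (empty($filename))`, `$filename = $pageNumber . '.pdf';`); PHP variable names are case-sensitive, so `$fileName` is read while undefined and `$filename` presumably reaches the Content-Disposition header outside the hunk unsanitized. The line should read `$filename = PMA_sanitize_filename($filename);`. The enclosing method starts and ends outside the hunk.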
@@ -171,6 +171,7 @@ class PMA_SVG extends XMLWriter
|
|||||||
function showOutput($fileName)
|
function showOutput($fileName)
|
||||||
{
|
{
|
||||||
//ob_get_clean();
|
//ob_get_clean();
|
||||||
|
$fileName = PMA_sanitize_filename($fileName);
|
||||||
header('Content-type: image/svg+xml');
|
header('Content-type: image/svg+xml');
|
||||||
header('Content-Disposition: attachment; filename="'.$fileName.'.svg"');
|
header('Content-Disposition: attachment; filename="'.$fileName.'.svg"');
|
||||||
$output = $this->flush();
|
$output = $this->flush();
|
||||||
|
@@ -158,6 +158,7 @@ class PMA_VISIO extends XMLWriter
|
|||||||
//if(ob_get_clean()){
|
//if(ob_get_clean()){
|
||||||
//ob_end_clean();
|
//ob_end_clean();
|
||||||
//}
|
//}
|
||||||
|
$fileName = PMA_sanitize_filename($fileName);
|
||||||
header('Content-type: application/visio');
|
header('Content-type: application/visio');
|
||||||
header('Content-Disposition: attachment; filename="'.$fileName.'.vdx"');
|
header('Content-Disposition: attachment; filename="'.$fileName.'.vdx"');
|
||||||
$output = $this->flush();
|
$output = $this->flush();
|
||||||
|
@@ -39,7 +39,8 @@ if ($result === false) {
|
|||||||
|
|
||||||
header('Content-Type: ' . PMA_detectMIME($result));
|
header('Content-Type: ' . PMA_detectMIME($result));
|
||||||
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
||||||
header('Content-Disposition: attachment; filename="' . $table . '-' . $transform_key . '.bin"');
|
$filename = PMA_sanitize_filename($table . '-' . $transform_key . '.bin');
|
||||||
|
header('Content-Disposition: attachment; filename="' . $filename . '"');
|
||||||
if (PMA_USR_BROWSER_AGENT == 'IE') {
|
if (PMA_USR_BROWSER_AGENT == 'IE') {
|
||||||
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
||||||
header('Pragma: public');
|
header('Pragma: public');
|
||||||
|
@@ -111,7 +111,8 @@ if (isset($_REQUEST['report_export']) && $_REQUEST['export_type'] == 'sqldumpfil
|
|||||||
foreach($entries as $entry) {
|
foreach($entries as $entry) {
|
||||||
$dump .= $entry['statement'];
|
$dump .= $entry['statement'];
|
||||||
}
|
}
|
||||||
$filename = 'log_' . str_replace(';', '', htmlspecialchars($_REQUEST['table'])) . '.sql';
|
//$filename = 'log_' . str_replace(';', '', htmlspecialchars($_REQUEST['table'])) . '.sql';
|
||||||
|
$filename = PMA_sanitize_filename('log_' . $_REQUEST['table'] . '.sql');
|
||||||
header('Content-Type: text/x-sql');
|
header('Content-Type: text/x-sql');
|
||||||
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
||||||
header('Content-Disposition: attachment; filename="' . $filename . '"');
|
header('Content-Disposition: attachment; filename="' . $filename . '"');
|
||||||
|
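Review bot: The previous assignment is left in place as a commented-out line (`//$filename = 'log_' . str_replace(';', '', htmlspecialchars($_REQUEST['table'])) . '.sql';`) directly above the new one; delete it rather than keeping dead code, since the history already preserves it. The new line is fine for the header because `PMA_sanitize_filename` reduces the request value to `A-Za-z0-9_.-`, so the `htmlspecialchars` the old line applied is not needed here and should not be reintroduced.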