diff options
| author | Antoni Sawicki <tenox@google.com> | 2022-08-29 00:22:04 -0700 |
|---|---|---|
| committer | Antoni Sawicki <tenox@google.com> | 2022-08-29 00:22:04 -0700 |
| commit | 09471a94c114c03361091db0ed18bb913bfa62f6 (patch) | |
| tree | 8a86d731d886378140969569e0910969152dadc6 | |
| parent | f63fea342a69296f24e405da6e718ce18e8d5035 (diff) | |
| download | wfm-09471a94c114c03361091db0ed18bb913bfa62f6.tar.gz | |
user query escaped dir for sorting
| -rw-r--r-- | dir.go | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -61,7 +61,7 @@ func (r *wfmRequest) listFiles(hi string) { r.w.Write([]byte(` <TD NOWRAP ALIGN="left"> <INPUT TYPE="CHECKBOX" NAME="mulf" VALUE="` + heFile + `"> - <A HREF="` + *wfmPfx + `?dir=` + qeDir + `/` + qeFile + `&sort=` + r.eSort + `">` + i["di"] + heFile + `/</A>` + li + ` + <A HREF="` + *wfmPfx + `/` + qeDir + `/` + qeFile + `?sort=` + r.eSort + `">` + i["di"] + heFile + `/</A>` + li + ` </TD> <TD NOWRAP> </TD> <TD NOWRAP ALIGN="right">(` + humanize.Time(f.ModTime()) + `) ` + f.ModTime().Format(time.Stamp) + `</TD> @@ -129,6 +129,7 @@ func (r *wfmRequest) listFiles(hi string) { func toolbars(w http.ResponseWriter, uDir, user string, sl []string, i map[string]string) { eDir := html.EscapeString(uDir) + qeDir := url.QueryEscape(uDir) // Topbar w.Write([]byte(` <TABLE WIDTH="100%" BGCOLOR="#FFFFFF" CELLPADDING="0" CELLSPACING="0" BORDER="0" STYLE="height:28px;"><TR> @@ -137,7 +138,7 @@ func toolbars(w http.ResponseWriter, uDir, user string, sl []string, i map[strin </TD> <TD NOWRAP BGCOLOR="#F1F1F1" VALIGN="MIDDLE" ALIGN="RIGHT" STYLE="color:#000000; white-space:nowrap"> <A HREF="` + *wfmPfx + `?fn=logout">` + i["tid"] + user + `</A> - <A HREF="` + *wfmPfx + `?fn=about&dir=` + eDir + `&sort="> ` + i["tve"] + ` v` + vers + ` </A> + <A HREF="` + *wfmPfx + `?fn=about&dir=` + qeDir + `&sort="> ` + i["tve"] + ` v` + vers + ` </A> </TD> </TR></TABLE> `)) @@ -180,13 +181,13 @@ func toolbars(w http.ResponseWriter, uDir, user string, sl []string, i map[strin w.Write([]byte(` <TABLE WIDTH="100%" BGCOLOR="#FFFFFF" CELLPADDING="0" CELLSPACING="0" BORDER="0" CLASS="thov"><TR> <TD NOWRAP ALIGN="left" WIDTH="50%" BGCOLOR="#A0A0A0"> - <A HREF="` + *wfmPfx + `?dir=` + eDir + `&sort=` + sl[0] + `"><FONT COLOR="#FFFFFF">` + sl[1] + `</FONT></A> + <A HREF="` + *wfmPfx + `/` + qeDir + `&sort=` + sl[0] + `"><FONT COLOR="#FFFFFF">` + sl[1] + `</FONT></A> </TD> <TD NOWRAP ALIGN="right" BGCOLOR="#A0A0A0"> - <A HREF="` + *wfmPfx + `?dir=` + eDir + `&sort=` + sl[2] + `"><FONT COLOR="#FFFFFF">` + sl[3] + `</FONT></A> + <A HREF="` + *wfmPfx + `?dir=` + qeDir + `&sort=` + sl[2] + `"><FONT COLOR="#FFFFFF">` + sl[3] + `</FONT></A> </TD> <TD NOWRAP ALIGN="right" BGCOLOR="#A0A0A0"> - <A HREF="` + *wfmPfx + `?dir=` + eDir + `&sort=` + sl[4] + `"><FONT COLOR="#FFFFFF">` + sl[5] + `</FONT></A> + <A HREF="` + *wfmPfx + `?dir=` + qeDir + `&sort=` + sl[4] + `"><FONT COLOR="#FFFFFF">` + sl[5] + `</FONT></A> </TD> <TD NOWRAP ALIGN="right" BGCOLOR="#A0A0A0"> |