Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
Apq
/
sftpgo
peilaus alkaen https://github.com/drakkan/sftpgo.git
1
0
Haarauta 0
Tiedostot Esitykset 0 Wiki
Selaa lähdekoodia

web: fix content type for folders form

Fixes #367
Nicola Murino 4 vuotta sitten
vanhempi
2f56375121
sitoutus
6eb43baf3d
3 muutettua tiedostoa jossa 51 lisäystä ja 27 poistoa
Jaettu näkymä Näytä diff tilastot
  1. 48 24
      httpd/httpd_test.go
  2. 2 2
      httpd/web.go
  3. 1 1
      templates/folder.html

+ 48 - 24
httpd/httpd_test.go
Näytä tiedosto 

@@ -6189,26 +6189,32 @@ func TestAddWebFoldersMock(t *testing.T) {
 
 	form.Set("mapped_path", mappedPath)
 
 	form.Set("name", folderName)
 
 	form.Set("description", folderDesc)
 
-	req, err := http.NewRequest(http.MethodPost, webFolderPath, strings.NewReader(form.Encode()))
 
+	b, contentType, err := getMultipartFormData(form, "", "")
 
 	assert.NoError(t, err)
 
+	req, err := http.NewRequest(http.MethodPost, webFolderPath, &b)
 
+	assert.NoError(t, err)
 
+	req.Header.Set("Content-Type", contentType)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
 	rr := executeRequest(req)
 
 	checkResponseCode(t, http.StatusForbidden, rr)
 
 	assert.Contains(t, rr.Body.String(), "unable to verify form token")
 
 
 	form.Set(csrfFormToken, csrfToken)
 
-	req, err = http.NewRequest(http.MethodPost, webFolderPath, strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, webFolderPath, &b)
 
 	assert.NoError(t, err)
 
+	req.Header.Set("Content-Type", contentType)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusSeeOther, rr)
 
 	// adding the same folder will fail since the name must be unique
 
-	req, err = http.NewRequest(http.MethodPost, webFolderPath, strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, webFolderPath, &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusOK, rr)
 
 	// invalid form
 
@@ -6277,18 +6283,22 @@ func TestS3WebFolderMock(t *testing.T) {
 
 	form.Set("s3_upload_part_size", strconv.Itoa(S3UploadPartSize))
 
 	form.Set("s3_upload_concurrency", "a")
 
 	form.Set(csrfFormToken, csrfToken)
 
-	req, err := http.NewRequest(http.MethodPost, webFolderPath, strings.NewReader(form.Encode()))
 
+	b, contentType, err := getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err := http.NewRequest(http.MethodPost, webFolderPath, &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr := executeRequest(req)
 
 	checkResponseCode(t, http.StatusOK, rr)
 
 
 	form.Set("s3_upload_concurrency", strconv.Itoa(S3UploadConcurrency))
 
-	req, err = http.NewRequest(http.MethodPost, webFolderPath, strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, webFolderPath, &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusSeeOther, rr)
 
 
@@ -6315,18 +6325,22 @@ func TestS3WebFolderMock(t *testing.T) {
 
 	// update
 
 	S3UploadConcurrency = 10
 
 	form.Set("s3_upload_concurrency", "b")
 
-	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusOK, rr)
 
 
 	form.Set("s3_upload_concurrency", strconv.Itoa(S3UploadConcurrency))
 
-	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusSeeOther, rr)
 
 
@@ -6380,19 +6394,23 @@ func TestUpdateWebFolderMock(t *testing.T) {
 
 	form.Set("name", folderName)
 
 	form.Set("description", folderDesc)
 
 	form.Set(csrfFormToken, "")
 
-	req, err := http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), strings.NewReader(form.Encode()))
 
+	b, contentType, err := getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err := http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr := executeRequest(req)
 
 	checkResponseCode(t, http.StatusForbidden, rr)
 
 	assert.Contains(t, rr.Body.String(), "unable to verify form token")
 
 
 	form.Set(csrfFormToken, csrfToken)
 
-	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusSeeOther, rr)
 
 
@@ -6407,26 +6425,32 @@ func TestUpdateWebFolderMock(t *testing.T) {
 
 	assert.Equal(t, folderDesc, folder.Description)
 
 
 	// parse form error
 
-	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName)+"??a=a%B3%A2%G3", strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName)+"??a=a%B3%A2%G3", &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusOK, rr)
 
 	assert.Contains(t, rr.Body.String(), "invalid URL escape")
 
 
-	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName+"1"), strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName+"1"), &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusNotFound, rr)
 
 
 	form.Set("mapped_path", "arelative/path")
 
-	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), strings.NewReader(form.Encode()))
 
+	b, contentType, err = getMultipartFormData(form, "", "")
 
+	assert.NoError(t, err)
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(webFolderPath, folderName), &b)
 
 	assert.NoError(t, err)
 
 	setJWTCookieForReq(req, webToken)
 
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
+	req.Header.Set("Content-Type", contentType)
 
 	rr = executeRequest(req)
 
 	checkResponseCode(t, http.StatusOK, rr)

+ 2 - 2
httpd/web.go
Näytä tiedosto 

@@ -1478,7 +1478,7 @@ func handleWebAddFolderGet(w http.ResponseWriter, r *http.Request) {
 
 func handleWebAddFolderPost(w http.ResponseWriter, r *http.Request) {
 
 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
 
 	folder := vfs.BaseVirtualFolder{}
 
-	err := r.ParseForm()
 
+	err := r.ParseMultipartForm(maxRequestSize)
 
 	if err != nil {
 
 		renderFolderPage(w, r, folder, folderPageModeAdd, err.Error())
 
 		return
 
@@ -1529,7 +1529,7 @@ func handleWebUpdateFolderPost(w http.ResponseWriter, r *http.Request) {
 
 		return
 
 	}
 
 
-	err = r.ParseForm()
 
+	err = r.ParseMultipartForm(maxRequestSize)
 
 	if err != nil {
 
 		renderFolderPage(w, r, folder, folderPageModeUpdate, err.Error())
 
 		return

+ 1 - 1
templates/folder.html
Näytä tiedosto 

@@ -27,7 +27,7 @@
 
             </div>
 
         </div>
 
         {{end}}
 
-        <form id="folder_form" action="{{.CurrentURL}}" method="POST" autocomplete="off" {{if eq .Mode 3}}target="_blank"{{end}}>
 
+        <form id="folder_form" enctype="multipart/form-data" action="{{.CurrentURL}}" method="POST" autocomplete="off" {{if eq .Mode 3}}target="_blank"{{end}}>
 
             {{if eq .Mode 3}}
 
             <div class="form-group row">
 
                 <label for="idFolders" class="col-sm-2 col-form-label">Folders</label>