iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixes #600, avoid html in web uploaded filenames

Browse Source
This commit is contained in:
plegall
2017-01-27 11:13:00 +01:00
parent 746c796d9d
commit 6ec3f2d0fa
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
action.php
View File

@@ -216,7 +216,7 @@ $http_headers[] = 'Content-Type: '.$ctype;
if (isset($_GET['download']))
{
$http_headers[] = 'Content-Disposition: attachment; filename="'.$element_info['file'].'";';
$http_headers[] = 'Content-Disposition: attachment; filename="'.htmlspecialchars_decode($element_info['file']).'";';
$http_headers[] = 'Content-Transfer-Encoding: binary';
}
else