Opened 18 years ago
Closed 17 years ago
#5557 closed defect (worksforme)
[PATCH]: Attachment download missing 'filename=' in header
Reported by: | Owned by: | Jonas Borgström | |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | attachment | Version: | 0.10-stable |
Severity: | normal | Keywords: | attachment |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
Following [4946] an important piece of information for downloading attachments disappeared, and at least on IE7 the download/save dialogue is:
- only providing save option, and not the usual 'Open/Run' or 'Save'.
- missing file ending, so if you try to download 'mytool.exe' it will try to save only 'mytool' - having to add the ending manually, and regardless of file type.
- and, it will not recognize the file type, always listing it as 'Unknown File Type'.
Here is tested patch for 0.10-stable:
-
trac-0.10-stable/trac/attachment.py
561 561 # Force browser to download files instead of rendering 562 562 # them, since they might contain malicious code enabling 563 563 # XSS attacks 564 req.send_header('Content-Disposition', 'attachment') 564 req.send_header('Content-Disposition', 'attachment; ' + 565 'filename=' + attachment.filename) 565 566 if format == 'txt': 566 567 mime_type = 'text/plain' 567 568 elif not mime_type:
In all other modules where there is download, this seems to be correct - if the file is placed in htdocs and served through Chrome, it provides correct information. Also trying to download files in original format from wiki, browser and so on.
Patch tested on IE, Firefox, Camino and Safari.
Attachments (0)
Change History (3)
comment:1 by , 18 years ago
Keywords: | attachment added |
---|
comment:2 by , 18 years ago
Have tested it - uploading a unicode filname from osx, and downloading on pc. The patch works in that it provides the open/run and save buttons, correct filetype and ending and so on.
However, the filename does get a bit garbled - some tiny changes moving between platforms, and more through the open/save dialogue. Without the patch the trac display and windows save filename are the same (only platform-garbling :-).
The same behavior is used at:
- branches/0.10-stable/trac/mimeview/api.py@4946#L608
- branches/0.10-stable/trac/ticket/report.py@4869#L510
- branches/0.10-stable/trac/versioncontrol/web_ui/changeset.py@4207#L527
- branches/0.10-stable/trac/versioncontrol/web_ui/changeset.py@4207#L589
All of these can have a unicode string as the filename, I suppose.
comment:3 by , 17 years ago
Component: | general → attachment |
---|---|
Resolution: | → worksforme |
Status: | new → closed |
Wonder what happened to here. Using current current trunk and current IE7 this does not seem to be a problem any more. The Open/Run + Save dialogue looks just fine.
I don't actually know why, but anyway I'm happy to close this as 'worksforme' using latest versions.
(digging in my mailbox)
So can you test your patch with a filename containing unicode characters, to check whether your patch still works or fails as jonas predicted?
Besides attachments, a similar change occurred in the browser module.