Re: fetch extension - use local filename from content-dispositionheader (new diff)

From: Martin Cracauer <cracauer_at_cons.org>
Date: Fri, 30 Dec 2005 12:52:27 -0500
Allright.

Polishing:
- disallow "/" anywhere in the filename
- disallow "." at the beginning
- replace all chars less than ' ' or > 127 with "_"
- use a static buffer of size [MAX_PATH] instead of allocated memory,
  to be fail-safe against memory leaks from other applications using
  libfetch
- typo corrected, style fixes, manual entries

I also added a "-Q" flag which will print the resulting filename to
stdout.  This is useful in scripting.

Diff on
http:/www.cons.org/tmp/freebsd-fetch-O2.diff

When discussing, keep in mind that the user has to explicity give the
-O option (there is no environment variable to permanently turn this
on) and that the implications of the -O options are very clear and
simple.  And that the main use of this is for folks who have to go
through a gazillion of Bugzilla attachments all name
"customer-errlog.20051220" etc, and there is no other way to download
them in a name-preserving manner than interactively opening them in
Mozilla and saving them.

Before we randomize the list even more I would say I'd like to hear
from the security officer if there is concern left.  Myself I have no
way to form conflicting user opinions into a decision.  For the
reasons above I plan to go forward if not vetoed.

Martin
-- 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Martin Cracauer <cracauer_at_cons.org>   http://www.cons.org/cracauer/
FreeBSD - where you want to go, today.      http://www.freebsd.org/
Received on Fri Dec 30 2005 - 16:52:29 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:50 UTC