urlencoding issue with file upload #159
Comments
|
I suspect DuetWebServer tries decode a URI component twice, which is why the I'll have a look at it. Edit: It's definitely something in DWS/Kestrel but I haven't tracked it down yet. DWC sends the correct request, e.g. when I upload |
|
Just some update on this matter. Removing UrlDecode at line 183 of Unfortunately, I never used .NET code and I don't really have an idea for now about how to build the app from sources to try to solve this bug and to do some tests on my own ... |
|
Thanks for pointing it out, I'll have a look again at this in v3.4-b6! |
|
This proposed fix does not work. In fact I get file paths like |
|
It's still a limitation from ASP.NET so nothing I can easily solve. Firefox sends this when trying to upload file whereas That is then decoded. Since |
I'm developping a sort of plugin to upload gcodes files directly to DWC after slicing and I noticed DWC is replacing some special characters by a space instead of just escaping them.
For example, a filename Raspberry_Pi_B+_Sleeve.gcode would become Raspberry_Pi_B _Sleeve.gcode
Even if I ulrencoding the filename, the "+" gets replaced by a space char.
So while trying to deal with that, I noticed if I double urlencode, the filename stays Raspberry_Pi_B+_Sleeve.gcode (which is fine because it's a valid filename).
So it means I can get rid of the escaping done on DWC => Maybe it could be a security issue ?
BTW, the file is listed at Jobs but I can't remove it (which is a bit hilarious). It says the file is not found.
The only way to remove the file is from the shell using SSH.
I can also start printing but it fails to read the file info.
I'm trying to find what cause this behavior in your code but for now I just found some encodeURIComponent() but still not found which function is escaping the filenames.
The text was updated successfully, but these errors were encountered: