vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2025-10-16 12:05:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
28a1ec5f59
wordpress-develop/tests
History
John James Jacoby 9b6c18b756 Admin/HTTP API: add suggested filename support to download_url(). 
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.

If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.

If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.

Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.

Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.

Fixes #38231.

git-svn-id: https://develop.svn.wordpress.org/trunk@51939 602fd350-edb4-49c9-b593-d223f7449a82
2021-10-27 14:58:24 +00:00
..
e2e Build/Test Tools: Add end-to-end (e2e) tests README.md. 2021-10-12 18:50:34 +00:00
gutenberg Block Editor: Update the Gutenberg branch used to launch Gutenberg e2e tests. 2021-06-01 09:21:36 +00:00
phpunit Admin/HTTP API: add suggested filename support to download_url(). 2021-10-27 14:58:24 +00:00
qunit Application Passwords: Improve various user-facing and developer-facing terminology. 2021-07-19 21:13:36 +00:00