diff --git a/frontend/src/download.js b/frontend/src/download.js index ab60e346..ae6fe65d 100644 --- a/frontend/src/download.js +++ b/frontend/src/download.js @@ -32,8 +32,8 @@ $(document).ready(function() { $('.percent-number').html(`${Math.floor(percent * 100)}`); if (progress[1] < 1000000) { $('.progress-text').html( - `${filename} (${(progress[0] / 1000).toFixed(1)}KB of ${(progress[1] / - 1000).toFixed(1)}KB)` + `${filename} (${(progress[0] / 1000).toFixed(1)}KB of + ${(progress[1] / 1000).toFixed(1)}KB)` ); } else if (progress[1] < 1000000000) { $('.progress-text').html( diff --git a/frontend/src/fileReceiver.js b/frontend/src/fileReceiver.js index 86d0aaf9..155a8dd9 100644 --- a/frontend/src/fileReceiver.js +++ b/frontend/src/fileReceiver.js @@ -88,7 +88,7 @@ class FileReceiver extends EventEmitter { this.emit('safe', true); return Promise.all([ decrypted, - fname + decodeURIComponent(fname) ]); } }) diff --git a/frontend/src/fileSender.js b/frontend/src/fileSender.js index 866cbe0d..44240625 100644 --- a/frontend/src/fileSender.js +++ b/frontend/src/fileSender.js @@ -130,7 +130,7 @@ class FileSender extends EventEmitter { JSON.stringify({ aad: arrayToHex(hash), id: fileId, - filename: file.name + filename: encodeURIComponent(file.name) }) ); xhr.send(fd); diff --git a/server/server.js b/server/server.js index 42e2969e..7fa3b08f 100644 --- a/server/server.js +++ b/server/server.js @@ -98,7 +98,7 @@ app.get('/download/:id', (req, res) => { .length(id) .then(contentLength => { res.render('download', { - filename: filename, + filename: decodeURIComponent(filename), filesize: bytes(contentLength), trackerId: conf.analytics_id, dsn: conf.sentry_id @@ -193,10 +193,10 @@ app.post('/upload', (req, res, next) => { } if ( - !validateIV(meta.id) || !meta.hasOwnProperty('aad') || !meta.hasOwnProperty('id') || - !meta.hasOwnProperty('filename') + !meta.hasOwnProperty('filename') || + !validateIV(meta.id) ) { res.sendStatus(404); return;