diff --git a/README.md b/README.md index eff699d..3a378fc 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ ##Stash -![Release](https://img.shields.io/badge/release-3.0.2-brightgreen.svg) +![Release](https://img.shields.io/badge/release-3.0.3-brightgreen.svg) Stash for ExpressionEngine 3. diff --git a/composer.json b/composer.json index 6a90568..ff5c51b 100644 --- a/composer.json +++ b/composer.json @@ -13,7 +13,7 @@ }, "extra": { "branch-alias": { - "dev-dev": "2.6.*-dev" + "dev-dev": "2.7.*-dev" } } } diff --git a/system/user/addons/stash/config.php b/system/user/addons/stash/config.php index 09e8cc6..640902f 100755 --- a/system/user/addons/stash/config.php +++ b/system/user/addons/stash/config.php @@ -2,7 +2,7 @@ if (! defined('STASH_VER')) { define('STASH_NAME', 'Stash'); - define('STASH_VER', '3.0.2'); + define('STASH_VER', '3.0.3'); define('STASH_AUTHOR', 'Mark Croxton, Hallmark Design'); define('STASH_AUTHOR_URL', 'http://hallmark-design.co.uk'); define('STASH_DOCS', 'http://github.com/croxton/Stash/'); diff --git a/system/user/addons/stash/models/stash_model.php b/system/user/addons/stash/models/stash_model.php index 3bb3131..1190a45 100755 --- a/system/user/addons/stash/models/stash_model.php +++ b/system/user/addons/stash/models/stash_model.php @@ -807,6 +807,17 @@ private function _path($uri = '/', $site_id) return FALSE; } + // Blacklist of characters we don't want to allow as directory names in the cache + $bad = ee()->config->item('stash_static_character_blacklist') + ? (array) ee()->config->item('stash_static_character_blacklist') + : array(LD, RD, '<', '>', ':', '"', '\\', '|', '*', '.'); + $new_uri = str_replace($bad, '', $uri); + + if ($uri != $new_uri) + { + return FALSE; + } + // Build the path return trim($path.'/'.$site_id.'/'.trim($uri, '/')).'/'; }