Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Prevent upload of file wih invalid characters via bulk upload #37213

Open
5 of 9 tasks
mgallien opened this issue Mar 14, 2023 · 3 comments
Open
5 of 9 tasks

[Bug]: Prevent upload of file wih invalid characters via bulk upload #37213

mgallien opened this issue Mar 14, 2023 · 3 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap 25-feedback bug feature: dav hotspot: filename handling Filenames - invalid, portable, blacklisting, etc.

Comments

@mgallien
Copy link
Contributor

⚠️ This issue respects the following points: ⚠️

  • This is a bug, not a question or a configuration/webserver/proxy issue.
  • This issue is not already reported on Github (I've searched it).
  • Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
  • Nextcloud Server is running on 64bit capable CPU, PHP and OS.
  • I agree to follow Nextcloud's Code of Conduct.

Bug description

Plain old wedav upload prevents uploading files with \ or / in their names.
Bulk upload does not prevent them but then they are improperly handled leading to the desktop client deleting files.

Steps to reproduce

  1. Enable bulk upload
  2. Connect a desktop client
  3. Create a local file with such name test\hello.md
  4. Wait for it to be uploaded
  5. Sync again and see that the server is not reporting it as an existing file
  6. Desktop client deletes the local file

Expected behavior

  1. Enable bulk upload
  2. Connect a desktop client
  3. Create a local file with such name test\hello.md
  4. Expect an error telling this file is not uploaded

Installation method

None

Operating system

None

PHP engine version

None

Web server

None

Database engine version

None

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

No response

List of activated Apps

Enabled:
  - activity: 2.17.0
  - circles: 25.0.0
  - cloud_federation_api: 1.8.0
  - comments: 1.15.0
  - contactsinteraction: 1.6.0
  - dashboard: 7.5.0
  - dav: 1.24.0
  - federatedfilesharing: 1.15.0
  - federation: 1.15.0
  - files: 1.20.1
  - files_pdfviewer: 2.6.0
  - files_sharing: 1.17.0
  - files_trashbin: 1.15.0
  - files_versions: 1.18.0
  - lookup_server_connector: 1.13.0
  - notifications: 2.13.1
  - oauth2: 1.13.0
  - photos: 2.0.1
  - provisioning_api: 1.15.0
  - settings: 1.7.0
  - sharebymail: 1.15.0
  - support: 1.8.0
  - systemtags: 1.15.0
  - text: 3.6.0
  - theming: 2.0.1
  - twofactor_backupcodes: 1.14.0
  - updatenotification: 1.15.0
  - user_oidc: 1.3.1
  - user_status: 1.5.0
  - viewer: 1.9.0
  - weather_status: 1.5.0
  - workflowengine: 2.7.0
Disabled:
  - admin_audit
  - encryption
  - end_to_end_encryption
  - files_external
  - files_lock
  - groupfolders
  - spreed
  - testing
  - user_ldap

Nextcloud Signing status

No response

Nextcloud Logs

No response

Additional info

No response
@mgallien mgallien added bug 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Mar 14, 2023
@mgallien
Copy link
Contributor Author

@artonge

@szaimen
Copy link
Contributor

szaimen commented Mar 14, 2023

Hi, which nc version?

@datenangebot
Copy link

Hi, which nc version?

Was tested at nc25

@AndyScherzinger AndyScherzinger moved this to 🧭 Planning evaluation (don't pick) in 📁 Files team Aug 3, 2023
@joshtrichards joshtrichards added the hotspot: filename handling Filenames - invalid, portable, blacklisting, etc. label Sep 16, 2024
@joshtrichards joshtrichards mentioned this issue Sep 16, 2024
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap 25-feedback bug feature: dav hotspot: filename handling Filenames - invalid, portable, blacklisting, etc.
Projects
📁 Files team
Status: 🧭 Planning evaluation (don't pick)
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mgallien @joshtrichards @szaimen @datenangebot