The
$uploadFilter in TWiki.cfg is wrong. The following script illustrates the problem:
$uploadFilter = "^(\.htaccess|.*\.(?:php[0-9s]?|phtm[l]?|pl|py|cgi))\$";
print "A\n" if ("fred.py" =~ /$uploadFilter/);
print "B\n" if ("make_me_happy" =~ /$uploadFilter/);
Both A and B get printed. Thus trying to upload a file named "oh_htaccess" it gets .txt appended.
Obviously it should either be
$uploadFilter = "^(\\.htaccess|.*\\.(?:php[0-9s]?|phtm[l]?|pl|py|cgi))\$";
or (better, more readable)
$uploadFilter = qr/^(\.htaccess|.*\.(?:php[0-9s]?|phtm[l]?|pl|py|cgi))$/;
$securityFilter is OK, by pure luck. It should really be a qr// as well.
--
CrawfordCurrie - 22 Jan 2005
Agree with making it a
qr/.../ - this feature is already required by TWiki anyway.
--
RichardDonkin - 28 Jan 2005
See also the bug report on
AttachAddsTxtToFilename for another example of this problem. One cannot even attach TWiki source files without them getting name mangled....
--
ThomasWeigert - 28 Jan 2005
This is fixed in DEVELOP since rev 3567. I fixed
$securityFilter (now
$cfg{NameFilter}) as well.
--
CrawfordCurrie - 29 Jan 2005