diff --git a/CHANGELOG.md b/CHANGELOG.md index 93283e60..c62f970f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,9 @@ ### New features TBD ### Bug fixes -TBD +- Fix port tooltip not showing on dash while server online. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/503)) +- Fix '+' char in path causing any file operation to fail. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/502)) +- Fix colours on public pages. ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/504)) ### Tweaks TBD ### Lang diff --git a/app/classes/web/ajax_handler.py b/app/classes/web/ajax_handler.py index fe3fb14f..61e2c40d 100644 --- a/app/classes/web/ajax_handler.py +++ b/app/classes/web/ajax_handler.py @@ -4,6 +4,7 @@ import pathlib import re import logging import time +import urllib.parse import bleach import tornado.web import tornado.escape @@ -507,7 +508,7 @@ class AjaxHandler(BaseHandler): self.redirect("/panel/dashboard") elif page == "unzip_server": - path = self.get_argument("path", None) + path = urllib.parse.unquote(self.get_argument("path", None)) if not path: path = os.path.join( self.controller.project_root, diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py index a5c5a416..6c6b398f 100644 --- a/app/classes/web/panel_handler.py +++ b/app/classes/web/panel_handler.py @@ -7,6 +7,7 @@ import json import logging import threading import shlex +import urllib.parse import bleach import requests import tornado.web @@ -1387,9 +1388,10 @@ class PanelHandler(BaseHandler): template = "panel/activity_logs.html" elif page == "download_file": - file = Helpers.get_os_understandable_path(self.get_argument("path", "")) - name = self.get_argument("name", "") - + file = Helpers.get_os_understandable_path( + urllib.parse.unquote(self.get_argument("path", "")) + ) + name = urllib.parse.unquote(self.get_argument("name", "")) server_id = self.check_server_id() if server_id is None: return diff --git a/app/classes/web/upload_handler.py b/app/classes/web/upload_handler.py index 2de4fe1f..785d5783 100644 --- a/app/classes/web/upload_handler.py +++ b/app/classes/web/upload_handler.py @@ -1,6 +1,7 @@ import logging import os import time +import urllib.parse import tornado.web import tornado.options import tornado.httpserver @@ -108,7 +109,9 @@ class UploadHandler(BaseHandler): logger.debug("Could not delete file on user server upload") self.helper.ensure_dir_exists(path) - filename = self.request.headers.get("X-FileName", None) + filename = urllib.parse.unquote( + self.request.headers.get("X-FileName", None) + ) if not str(filename).endswith(".zip"): self.helper.websocket_helper.broadcast("close_upload_box", "error") self.finish("error") diff --git a/app/frontend/templates/panel/dashboard.html b/app/frontend/templates/panel/dashboard.html index 1fac58cf..171f2b8a 100644 --- a/app/frontend/templates/panel/dashboard.html +++ b/app/frontend/templates/panel/dashboard.html @@ -278,9 +278,10 @@ {% end %} - + +
{% if server['stats']['running'] %} {{ translate('dashboard', 'online', data['lang']) }} @@ -299,6 +300,7 @@ data-players="{{ server['stats']['online']}}" data-max="{{ server['stats']['max'] }}"> {% end %} +
{% for server in data['failed_servers'] %} diff --git a/app/frontend/templates/panel/server_files.html b/app/frontend/templates/panel/server_files.html index ebcf0d3b..af287b43 100644 --- a/app/frontend/templates/panel/server_files.html +++ b/app/frontend/templates/panel/server_files.html @@ -1027,7 +1027,9 @@ function downloadFileE(event) { path = event.target.parentElement.getAttribute('data-path'); name = event.target.parentElement.getAttribute('data-name'); - window.location.href = `/panel/download_file?id=${serverId}&path=${path}&name=${name}`; + encoded_path = encodeURIComponent(path) + encoded_name = encodeURIComponent(name) + window.location.href = `/panel/download_file?id=${serverId}&path=${encoded_path}&name=${encoded_name}`; } function renameItemE(event) { diff --git a/app/frontend/templates/public_base.html b/app/frontend/templates/public_base.html index 5a6d9bdb..33972b79 100644 --- a/app/frontend/templates/public_base.html +++ b/app/frontend/templates/public_base.html @@ -1,5 +1,5 @@ - + @@ -24,7 +24,7 @@ - +
diff --git a/app/frontend/templates/server/bedrock_wizard.html b/app/frontend/templates/server/bedrock_wizard.html index 8b9839e1..a29afcf8 100644 --- a/app/frontend/templates/server/bedrock_wizard.html +++ b/app/frontend/templates/server/bedrock_wizard.html @@ -565,7 +565,7 @@ document.getElementById("upload_input").innerHTML = '
 
' let xmlHttpRequest = new XMLHttpRequest(); let token = getCookie("_xsrf") - let fileName = file.name + let fileName = encodeURIComponent(file.name) let target = '/upload' let mimeType = file.type let size = file.size @@ -610,7 +610,7 @@ $.ajax({ type: "POST", headers: { 'X-XSRFToken': token }, - url: '/ajax/unzip_server?id=-1&file=' + file.name, + url: '/ajax/unzip_server?id=-1&file=' + encodeURIComponent(file.name), }); } else { bootbox.alert("You must input a path before selecting this button"); @@ -663,7 +663,7 @@ $.ajax({ type: "POST", headers: { 'X-XSRFToken': token }, - url: '/ajax/unzip_server?id=-1&path=' + path, + url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path), }); } else { bootbox.alert("You must input a path before selecting this button"); diff --git a/app/frontend/templates/server/wizard.html b/app/frontend/templates/server/wizard.html index 8346ca92..fd8d3773 100644 --- a/app/frontend/templates/server/wizard.html +++ b/app/frontend/templates/server/wizard.html @@ -788,7 +788,7 @@ $.ajax({ type: "POST", headers: { 'X-XSRFToken': token }, - url: '/ajax/unzip_server?id=-1&path=' + path, + url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path), }); } else { bootbox.alert("You must input a path before selecting this button"); @@ -853,7 +853,7 @@ $.ajax({ type: "POST", headers: { 'X-XSRFToken': token }, - url: '/ajax/unzip_server?id=-1&path=' + path, + url: '/ajax/unzip_server?id=-1&path=' + encodeURIComponent(path), }); } else { bootbox.alert("You must input a path before selecting this button"); @@ -875,7 +875,7 @@ $.ajax({ type: "POST", headers: { 'X-XSRFToken': token }, - url: '/ajax/unzip_server?id=-1&file=' + file.name, + url: '/ajax/unzip_server?id=-1&file=' + encodeURIComponent(file.name), }); } else { bootbox.alert("You must input a path before selecting this button");