Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1202

Timestamp:

2007-12-13 19:33:33 (7 months ago)

Author:

fredck

Message:

For #79 : Implemented many of our standard security checks and the new configuration system handling for the file browser.

Location:

FCKeditor.Net/trunk

Files:

: 7 added
: 3 removed
: 5 modified

FCKeditor.cs (modified) (3 diffs)
FileBrowser/Config.cs (added)
FileBrowser/Connector.cs (added)
FileBrowserConnector.cs (deleted)
FileBrowser/FileWorkerBase.cs (added)
FileBrowser/TypeConfig.cs (added)
FileBrowser/TypeConfigList.cs (added)
FileBrowser/Uploader.cs (added)
FileBrowser/XmlResponseHandler.cs (added)
FileWorkerBase.cs (deleted)
FredCK.FCKeditorV2.vs2003.csproj (modified) (3 diffs)
FredCK.FCKeditorV2.vs2005.csproj (modified) (2 diffs)
Uploader.cs (deleted)
Util.cs (modified) (2 diffs)
_whatsnew.html (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

FCKeditor.Net/trunk/FCKeditor.cs

r1172	r1202
425	425	string sUserAgent = request.UserAgent;
426	426
427		if ( sUserAgent.~~Contains( "Gecko/" )~~ )
	427	if ( sUserAgent.IndexOf( "Gecko/" ) >= 0 )
428	428	{
429	429	Match oMatch = Regex.Match( request.UserAgent, @"(?<=Gecko/)\d{8}" );
…	…
431	431	}
432	432
433		if ( sUserAgent.~~Contains( "Opera/" )~~ )
	433	if ( sUserAgent.IndexOf( "Opera/" ) >= 0 )
434	434	{
435	435	Match oMatch = Regex.Match( request.UserAgent, @"(?<=Opera/)[\d\.]+" );
…	…
437	437	}
438	438
439		if ( sUserAgent.~~Contains( "AppleWebKit/" )~~ )
	439	if ( sUserAgent.IndexOf( "AppleWebKit/" ) >= 0 )
440	440	{
441	441	Match oMatch = Regex.Match( request.UserAgent, @"(?<=AppleWebKit/)\d+" );

FCKeditor.Net/trunk/FredCK.FCKeditorV2.vs2003.csproj

r1158	r1202
108	108	/>
109	109	<File
110		~~RelPath = "_license.txt"~~
111		~~BuildAction = "Content"~~
112		/>
113		~~<File~~
114	110	RelPath = "_whatsnew.html"
115	111	BuildAction = "Content"
…	…
136	132	/>
137	133	<File
138		~~RelPath = "FileBrowserConnector.cs"~~
139		~~SubType = "ASPXCodeBehind"~~
140		~~BuildAction = "Compile"~~
141		/>
142		~~<File~~
143		~~RelPath = "FileWorkerBase.cs"~~
144		~~SubType = "ASPXCodeBehind"~~
145		~~BuildAction = "Compile"~~
146		/>
147		~~<File~~
148		~~RelPath = "Uploader.cs"~~
149		~~SubType = "ASPXCodeBehind"~~
150		~~BuildAction = "Compile"~~
151		/>
152		~~<File~~
153	134	RelPath = "Util.cs"
154	135	SubType = "Code"
…	…
160	141	BuildAction = "Compile"
161	142	/>
	143	<File
	144	RelPath = "FileBrowser\Config.cs"
	145	SubType = "ASPXCodeBehind"
	146	BuildAction = "Compile"
	147	/>
	148	<File
	149	RelPath = "FileBrowser\Connector.cs"
	150	SubType = "ASPXCodeBehind"
	151	BuildAction = "Compile"
	152	/>
	153	<File
	154	RelPath = "FileBrowser\FileWorkerBase.cs"
	155	SubType = "ASPXCodeBehind"
	156	BuildAction = "Compile"
	157	/>
	158	<File
	159	RelPath = "FileBrowser\TypeConfig.cs"
	160	SubType = "Code"
	161	BuildAction = "Compile"
	162	/>
	163	<File
	164	RelPath = "FileBrowser\TypeConfigList.cs"
	165	SubType = "Code"
	166	BuildAction = "Compile"
	167	/>
	168	<File
	169	RelPath = "FileBrowser\Uploader.cs"
	170	SubType = "ASPXCodeBehind"
	171	BuildAction = "Compile"
	172	/>
	173	<File
	174	RelPath = "FileBrowser\XmlResponseHandler.cs"
	175	SubType = "Code"
	176	BuildAction = "Compile"
	177	/>
162	178	</Include>
163	179	</Files>

FCKeditor.Net/trunk/FredCK.FCKeditorV2.vs2005.csproj

r1167	r1202
111	111	<SubType>Code</SubType>
112	112	</Compile>
113		<Compile Include="FileBrowser~~Connector~~.cs">
	113	<Compile Include="FileBrowser\Config.cs">
114	114	<SubType>ASPXCodeBehind</SubType>
115	115	</Compile>
116		<Compile Include="File~~WorkerBase~~.cs">
	116	<Compile Include="FileBrowser\Connector.cs">
117	117	<SubType>ASPXCodeBehind</SubType>
118	118	</Compile>
119		<Compile Include="Uploader.cs">
	119	<Compile Include="FileBrowser\TypeConfig.cs" />
	120	<Compile Include="FileBrowser\TypeConfigList.cs" />
	121	<Compile Include="FileBrowser\FileWorkerBase.cs">
	122	<SubType>ASPXCodeBehind</SubType>
	123	</Compile>
	124	<Compile Include="FileBrowser\Uploader.cs">
120	125	<SubType>ASPXCodeBehind</SubType>
121	126	</Compile>
…	…
123	128	<SubType>Code</SubType>
124	129	</Compile>
	130	<Compile Include="FileBrowser\XmlResponseHandler.cs" />
125	131	<Compile Include="XmlUtil.cs">
126	132	<SubType>Code</SubType>

FCKeditor.Net/trunk/Util.cs

r1174	r1202
29	29	namespace FredCK.FCKeditorV2
30	30	{
31		~~public~~ sealed class Util
	31	internal sealed class Util
32	32	{
33	33	// The "_mkdir" function is used by the "CreateDirectory" method.
…	…
107	107	}
108	108	}
	109
	110	public static bool ArrayContains( Array array, object value, System.Collections.IComparer comparer )
	111	{
	112	foreach ( object item in array )
	113	{
	114	if ( comparer.Compare( item, value ) == 0 )
	115	return true;
	116	}
	117	return false;
	118	}
109	119	}
110	120	}

FCKeditor.Net/trunk/_whatsnew.html

r1175	r1202
1		<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	1	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2	2	<!--
3	3	* FCKeditor - The text editor for Internet - http://www.fckeditor.net
…	…
36	36	Version 2.5</h3>
37	37	<p>
38		<strong><span style="color: #ff0000">Attention :</span></strong> Th~~is version is~~
39		~~not compatible with releases before FCKeditor 2.5~~.</p>
	38	<strong><span style="color: #ff0000">Attention :</span></strong> The File Browser
	39	and Uploader in this version is not compatible with releases before FCKeditor 2.5.1.</p>
40	40	<p>
41	41	New Features and Improvements:</p>
…	…
58	58	setting is enforced by the editor component, to avoid having to set ValidateRequest="false"
59	59	on pages using the editor.</li>
60		<li><span style="color: #ff0000"><strong>Attention :</strong></span> The default connector
61		path has been changed to "/userfiles/", instead of "/UserFiles/". This change should
62		not impact Windows installations.</li>
	60	<li>Several changes to the File Browser and Uploader:<ul>
	61	<li>Several security checks have been introduced. <strong>Upgrading is hightly recommended</strong>.</li>
	62	<li>The code has been reviewed according to our standards, aligning the FCKeditor.Net
	63	File Browser to the same quality and feature level present in other server language
	64	implementations of it, like the PHP implementation.</li>
	65	<li>The connector can now be fully configured by using the "editor/filemanager/connectors/aspx/config.ascx"
	66	file, available with FCKeditor 2.5.1.</li>
	67	<li>For file uploads, the file extension is precisely controlled in a list defined in
	68	the config.ascx file.</li>
	69	<li>It is possible to define different folder locations for each file type.</li>
	70	<li><strong><span style="color: #ff0000">Attention :</span></strong> For security, the
	71	connector must be explicitly activated, by setting "Enabled = true" in the config.ascx
	72	file.</li>
	73	<li><span style="color: #ff0000"><strong>Attention :</strong></span> The default connector
	74	path has been changed to "/userfiles/", instead of "/UserFiles/". This change should
	75	not impact Windows installations.</li>
	76	</ul>
	77	</li>
63	78	</ul>
64	79	<p>