Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 17:17:40 +0100] rev 8610
[downloadable] fix filename HTTP header for simple name with space (closes #2535715)
Since d74addac92bb, we export simple ascii filename without any encoding in the
`filename` parameter of the `Content-Disposition` header. If this name contains
space this will fails, the parameter value will be truncated at the space
position. (eg. `filename=jungle babar.txt` read as `jungle`)
We need to quote the filename to prevent this (eg. `filename="jungle babar.txt"`).
Then literal quote and backslash needs to be escaped too.
The new escaping is correct according this extensive test case data base:
http://greenbytes.de/tech/tc2231/
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Mon, 03 Dec 2012 00:03:03 +0100] rev 8609
merge fixes from stable
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:19:36 +0100] rev 8608
Added tag cubicweb-debian-version-3.15.6-1 for changeset b05e156b8fe7
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:19:35 +0100] rev 8607
Added tag cubicweb-version-3.15.6 for changeset 0163bd9f4880
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:18:05 +0100] rev 8606
prepare 3.15.6
David Douard <david.douard@logilab.fr> [Tue, 27 Nov 2012 14:48:03 +0100] rev 8605
[web] add a digital signature to error form (closes #2522526)
Simple (and quite weak) implementation of a digital signature of the content
to be submited by email in the error report view generated by ErrorView.
The signature is a simple hmac hash computed using a secret key (generated at
repository startup) and the "secret" form content to be included in the
notification email. The controller can then check this content has not been
modified or forged by a malicious user.
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Wed, 28 Nov 2012 11:44:15 +0100] rev 8604
[web/views] bugfix: the mime type is text/plain, not text/txt (closes #2526345)