klmp200/Sith
1
0
Fork 0
mirror of https://github.com/ae-utbm/sith.git synced 2025-07-09 19:40:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix CVE-2023-31047

Browse Source
This commit is contained in:
Antoine Bartuccio
2024-06-22 21:16:42 +02:00
parent e681c17a0f
commit e1bf7caa9a
3 changed files with 30 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
core/views/files.py
View File

@ -79,12 +79,37 @@ def send_file(request, file_id, file_class=SithFile, file_attr="file"):
return response
class MultipleFileInput(forms.ClearableFileInput):
allow_multiple_selected = True
class _MultipleFieldMixin:
def __init__(self, *args, **kwargs):
kwargs.setdefault("widget", MultipleFileInput())
super().__init__(*args, **kwargs)
def clean(self, data, initial=None):
single_file_clean = super().clean
if isinstance(data, (list, tuple)):
result = [single_file_clean(d, initial) for d in data]
else:
result = [single_file_clean(data, initial)]
return result
class MultipleFileField(_MultipleFieldMixin, forms.FileField):
...
class MultipleImageField(_MultipleFieldMixin, forms.ImageField):
...
class AddFilesForm(forms.Form):
folder_name = forms.CharField(
label=_("Add a new folder"), max_length=30, required=False
)
file_field = forms.FileField(
widget=forms.ClearableFileInput(attrs={"multiple": True}),
file_field = MultipleFileField(
label=_("Files"),
required=False,
)