githaven-fork/templates/repo/editor/upload.tmpl
silverwind cda44750cb
Attachments: Add extension support, allow all types for releases (#12465)
* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-05 01:49:33 -04:00

37 lines
1.6 KiB
Handlebars

{{template "base/head" .}}
<div class="repository file editor upload">
{{template "repo/header" .}}
<div class="ui container">
{{template "base/alert" .}}
<form class="ui comment form" method="post">
{{.CsrfTokenHtml}}
<div class="ui secondary menu">
<div class="item fitted treepath">
<div class="ui breadcrumb field {{if .Err_TreePath}}error{{end}}">
<a class="section" href="{{EscapePound $.BranchLink}}">{{.Repository.Name}}</a>
{{ $n := len .TreeNames}}
{{ $l := Subtract $n 1}}
{{range $i, $v := .TreeNames}}
<div class="divider"> / </div>
{{if eq $i $l}}
<input type="text" id="file-name" value="{{$v}}" placeholder="{{$.i18n.Tr "repo.editor.add_subdir"}}" autofocus>
<span class="poping up" data-content="{{$.i18n.Tr "repo.editor.filename_help"}}" data-position="bottom center" data-variation="tiny inverted">{{svg "octicon-info"}}</span>
{{else}}
<span class="section"><a href="{{EscapePound $.BranchLink}}/{{index $.TreePaths $i | EscapePound}}">{{$v}}</a></span>
{{end}}
{{end}}
<span>{{.i18n.Tr "repo.editor.or"}} <a href="{{EscapePound $.BranchLink}}{{if not .IsNewFile}}/{{EscapePound .TreePath}}{{end}}">{{.i18n.Tr "repo.editor.cancel_lower"}}</a></span>
<input type="hidden" id="tree_path" name="tree_path" value="{{.TreePath}}" required>
</div>
</div>
</div>
<div class="field">
<div class="files"></div>
{{template "repo/upload" .}}
</div>
{{template "repo/editor/commit_form" .}}
</form>
</div>
</div>
{{template "base/footer" .}}