+# This file is part of FNP-Redakcja, licensed under GNU Affero GPLv3 or later.
+# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
+#
import json
import os
-from urllib import quote
+from urllib.parse import quote
from django.conf import settings
from django.http import HttpResponse, HttpResponseRedirect, HttpResponseForbidden, Http404
from django.utils.decorators import method_decorator
-from django.utils.encoding import smart_bytes
from django.views.decorators.vary import vary_on_headers
from django.views.generic import FormView, View
from .forms import UploadForm
Makes sure it's inside MEDIA_ROOT.
"""
- filename = smart_bytes(filename)
path = os.path.abspath(os.path.join(
settings.MEDIA_ROOT,
- smart_bytes(self.get_directory()),
+ self.get_directory(),
filename))
if not path.startswith(settings.MEDIA_ROOT):
raise Http404
return super(UploadView, self).dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
- if request.is_ajax():
+ if request.headers.get('x-requested-with') == 'XMLHttpRequest':
files = []
path = self.get_safe_path()
if os.path.isdir(path):
os.makedirs(path)
data = []
for f in flist:
- with open(self.get_safe_path(f.name), 'w') as destination:
+ with open(self.get_safe_path(f.name), 'wb') as destination:
for chunk in f.chunks():
destination.write(chunk)
data.append({