Our Hval::to_filename sub has always been strict about emitting
ASCII-only characters for ViewVCS "raw" links.
However, somebody could manually generate a filename with
non-ASCII words for somebody else to download (we have no
cheap and fast way of mapping filenames back to blobs for
validation).
get_css($ctx, $1, $2);
} elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s/\z!o) {
get_vcs_object($ctx, $1, $2);
- } elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s/([\w\.\-]+)\z!o) {
+ } elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s/
+ ($PublicInbox::Hval::FN)\z!ox) {
get_vcs_object($ctx, $1, $2, $3);
} elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s\z!o) {
r301($ctx, $1, $2, 's/');