From 92a7602c1601957a70267f843ee7f06901b568ec Mon Sep 17 00:00:00 2001
From: gedong
Date: Fri, 10 Feb 2023 17:44:08 +0800
Subject: [PATCH 1/4] escape filename when assemble URL
---
 services/repository/files/content.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/services/repository/files/content.go b/services/repository/files/content.go
index a311625f31593..d2bec40dc6672 100644
--- a/services/repository/files/content.go
+++ b/services/repository/files/content.go
@@ -158,7 +158,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 return nil, fmt.Errorf("no commit found for the ref [ref: %s]", ref)
 }
- selfURL, err := url.Parse(fmt.Sprintf("%s/contents/%s?ref=%s", repo.APIURL(), treePath, origRef))
+ selfURL, err := url.Parse(fmt.Sprintf("%s/contents/%s?ref=%s", repo.APIURL(), url.PathEscape(treePath), origRef))
 if err != nil {
 return nil, err
 }
@@ -217,7 +217,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 }
 // Handle links
 if entry.IsRegular() || entry.IsLink() {
- downloadURL, err := url.Parse(fmt.Sprintf("%s/raw/%s/%s/%s", repo.HTMLURL(), refType, ref, treePath))
+ downloadURL, err := url.Parse(fmt.Sprintf("%s/raw/%s/%s/%s", repo.HTMLURL(), refType, ref, url.PathEscape(treePath)))
 if err != nil {
 return nil, err
 }
@@ -225,7 +225,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 contentsResponse.DownloadURL = &downloadURLString
 }
 if !entry.IsSubModule() {
- htmlURL, err := url.Parse(fmt.Sprintf("%s/src/%s/%s/%s", repo.HTMLURL(), refType, ref, treePath))
+ htmlURL, err := url.Parse(fmt.Sprintf("%s/src/%s/%s/%s", repo.HTMLURL(), refType, ref, url.PathEscape(treePath)))
 if err != nil {
 return nil, err
 }
From 1b766adc70368f7fd39f9da2488958c4358e705a Mon Sep 17 00:00:00 2001
From: gedong
Date: Fri, 10 Feb 2023 22:18:20 +0800
Subject: [PATCH 2/4] use util.PathEscapeSegments
---
 services/repository/files/content.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/services/repository/files/content.go b/services/repository/files/content.go
index d2bec40dc6672..45cc811bfc02a 100644
--- a/services/repository/files/content.go
+++ b/services/repository/files/content.go
@@ -15,6 +15,7 @@ import (
 "code.gitea.io/gitea/modules/git"
 "code.gitea.io/gitea/modules/setting"
 api "code.gitea.io/gitea/modules/structs"
+ "code.gitea.io/gitea/modules/util"
 )
 // ContentType repo content type
@@ -158,7 +159,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 return nil, fmt.Errorf("no commit found for the ref [ref: %s]", ref)
 }
- selfURL, err := url.Parse(fmt.Sprintf("%s/contents/%s?ref=%s", repo.APIURL(), url.PathEscape(treePath), origRef))
+ selfURL, err := url.Parse(fmt.Sprintf("%s/contents/%s?ref=%s", repo.APIURL(), util.PathEscapeSegments(treePath), origRef))
 if err != nil {
 return nil, err
 }
@@ -217,7 +218,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 }
 // Handle links
 if entry.IsRegular() || entry.IsLink() {
- downloadURL, err := url.Parse(fmt.Sprintf("%s/raw/%s/%s/%s", repo.HTMLURL(), refType, ref, url.PathEscape(treePath)))
+ downloadURL, err := url.Parse(fmt.Sprintf("%s/raw/%s/%s/%s", repo.HTMLURL(), refType, ref, util.PathEscapeSegments(treePath)))
 if err != nil {
 return nil, err
 }
@@ -225,7 +226,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 contentsResponse.DownloadURL = &downloadURLString
 }
 if !entry.IsSubModule() {
- htmlURL, err := url.Parse(fmt.Sprintf("%s/src/%s/%s/%s", repo.HTMLURL(), refType, ref, url.PathEscape(treePath)))
+ htmlURL, err := url.Parse(fmt.Sprintf("%s/src/%s/%s/%s", repo.HTMLURL(), refType, ref, util.PathEscapeSegments(treePath)))
 if err != nil {
 return nil, err
 }
From ec078098544e4b1cfaceb2e0d2e09c8b947d15f5 Mon Sep 17 00:00:00 2001
From: Andrew Thornton
Date: Sat, 11 Feb 2023 15:08:46 +0000
Subject: [PATCH 3/4] More escaping in content.go
---
 services/repository/files/content.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/services/repository/files/content.go b/services/repository/files/content.go
index 45cc811bfc02a..31827e8846ed3 100644
--- a/services/repository/files/content.go
+++ b/services/repository/files/content.go
@@ -159,7 +159,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 return nil, fmt.Errorf("no commit found for the ref [ref: %s]", ref)
 }
- selfURL, err := url.Parse(fmt.Sprintf("%s/contents/%s?ref=%s", repo.APIURL(), util.PathEscapeSegments(treePath), origRef))
+ selfURL, err := url.Parse(repo.APIURL() + "/contents/" + util.PathEscapeSegments(treePath) + "?ref=" + url.QueryEscape(origRef))
 if err != nil {
 return nil, err
 }
@@ -218,7 +218,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 }
 // Handle links
 if entry.IsRegular() || entry.IsLink() {
- downloadURL, err := url.Parse(fmt.Sprintf("%s/raw/%s/%s/%s", repo.HTMLURL(), refType, ref, util.PathEscapeSegments(treePath)))
+ downloadURL, err := url.Parse(repo.HTMLURL() + "/raw/" + url.PathEscape(string(refType)) + "/" + util.PathEscapeSegments(ref) + "/" + util.PathEscapeSegments(treePath))
 if err != nil {
 return nil, err
 }
@@ -226,7 +226,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 contentsResponse.DownloadURL = &downloadURLString
 }
 if !entry.IsSubModule() {
- htmlURL, err := url.Parse(fmt.Sprintf("%s/src/%s/%s/%s", repo.HTMLURL(), refType, ref, util.PathEscapeSegments(treePath)))
+ htmlURL, err := url.Parse(repo.HTMLURL() + "/src/" + url.PathEscape(string(refType)) + "/" + util.PathEscapeSegments(ref) + "/" + util.PathEscapeSegments(treePath))
 if err != nil {
 return nil, err
 }
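Review bot: The new `selfURL` line picks a different escaper for each URL component, but nothing in the hunk records why, so the next URL added to GetContents can easily slip back to plain formatting. A comment above the line would help, for example `// treePath may contain '/', so it is escaped per segment; origRef is a query value and uses QueryEscape.` The same applies to the `downloadURL` and `htmlURL` hunks below, where `ref` is also escaped per segment, presumably because ref names can contain `/`. `repo.APIURL()` and `repo.HTMLURL()` are still concatenated as returned; whether they are already escaped is not visible here and is worth confirming. GetContents starts and ends outside these hunks.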
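Review bot: The `/raw/` and `/src/` URLs in this hunk and the next are built from two copies of the same escaped expression, so a later edit can leave one of them without an escape. Computing the shared part once, `refPath := url.PathEscape(string(refType)) + "/" + util.PathEscapeSegments(ref) + "/" + util.PathEscapeSegments(treePath)`, and then using `repo.HTMLURL() + "/raw/" + refPath` and `repo.HTMLURL() + "/src/" + refPath` keeps the two in step. The declaration has to sit before the `if entry.IsRegular() || entry.IsLink()` block so both branches can see it; that part of the function is only partly inside the hunk.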
@@ -234,7 +234,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 contentsResponse.HTMLURL = &htmlURLString
 contentsResponse.Links.HTMLURL = &htmlURLString
- gitURL, err := url.Parse(fmt.Sprintf("%s/git/blobs/%s", repo.APIURL(), entry.ID.String()))
+ gitURL, err := url.Parse(repo.APIURL() + "/git/blobs/" + url.PathEscape(entry.ID.String()))
 if err != nil {
 return nil, err
 }
From 5734c4ce1738308823070421ea2a6130032edaa4 Mon Sep 17 00:00:00 2001
From: Andrew Thornton
Date: Sat, 11 Feb 2023 15:10:38 +0000
Subject: [PATCH 4/4] fix escaping in endpoint.go
Signed-off-by: Andrew Thornton
---
 modules/lfs/endpoint.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules/lfs/endpoint.go b/modules/lfs/endpoint.go
index 3ae3cf077b2ca..2931defcd9529 100644
--- a/modules/lfs/endpoint.go
+++ b/modules/lfs/endpoint.go
@@ -4,7 +4,6 @@
 package lfs
 import (
- "fmt"
 "net/url"
 "os"
 "path"
@@ -12,6 +11,7 @@ import (
 "strings"
 "code.gitea.io/gitea/modules/log"
+ "code.gitea.io/gitea/modules/util"
 )
 // DetermineEndpoint determines an endpoint from the clone url or uses the specified LFS url.
@@ -95,7 +95,7 @@ func endpointFromLocalPath(path string) *url.URL {
 return nil
 }
- path = fmt.Sprintf("file://%s%s", slash, filepath.ToSlash(path))
+ path = "file://" + slash + util.PathEscapeSegments(filepath.ToSlash(path))
 u, _ := url.Parse(path)
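Review bot: The escaped path still goes into `url.Parse` with the error discarded on the last line of the hunk (`u, _ := url.Parse(path)`), so a string that fails to parse is not reported at this point. Changing it to `u, err := url.Parse(path)` followed by `if err != nil { return nil }` would match the `return nil` at the top of the hunk, assuming nil is this function's "no endpoint" result. The new line would also benefit from a comment recording why it escapes: `// Escape per segment so '#', '?' and '%' in a directory name stay part of the path.` Unescaped, those characters are read as a fragment, a query or an escape sequence, and the endpoint resolves to a different location than the directory given. `slash` and the rest of endpointFromLocalPath are outside the hunk.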