fileserver: grid view - preview img src attribute is not URL query-escaped

[DenebTM]

In the grid view of the file browser's default template, if the filename of an image contains the characters # or ?, the preview doesn't appear, since web browsers (at least Firefox and Chromium) parse the src attribute as an URL. The href attribute pointing to the file itself is unaffected, so it remains possible to click on these files to open them, only the preview is broken.

[mholt]

Thanks! Fixed.

[DenebTM]

Oh nice, that was fast! Two things though.

1. A literal % needs to be encoded as %25, else any filename containing a percent followed by hexadecimal digits will break. And although it doesn't seem to be an issue, & should be encoded as %26 for completeness' sake.

2. Tbh I was kind of anticipating less of a "quick and dirty" fix than my own lol. It seems to me that a custom function wrapping Go's url.PathEscape should be added to the template module, since the closest built-in function urlquery from text/templates isn't quite suitable for escaping paths.

[mholt]

I actually thought the html template action would escape accordingly based on context, but I guess that doesn't work.

I didn't reference any other implemention, only just now saw that you pushed some of your own commit elsewhere.