Adding safeFileName option. This closes #13

Author: richardgirges

lib/index.js

@@ -1,6 +1,6 @@
-var busboy      = require('connect-busboy'),
-  fs          = require('fs-extra'),
-  streamifier = require('streamifier');
+var busboy = require('connect-busboy');
+var fs = require('fs-extra');
+var streamifier = require('streamifier');
 
 module.exports = function(options) {
   options = options || {};
@@ -21,9 +21,11 @@ module.exports = function(options) {
 
       req.busboy.on('file', function(fieldname, file, filename, encoding, mimetype) {
         var buf = new Buffer(0);
+        var safeFileNameRegex = /[^\w-]/g;
 
         file.on('data', function(data) {
           buf = Buffer.concat([buf, data]);
+
           if (options.debug) {
             return console.log('Uploading %s -> %s', fieldname, filename);
           }
@@ -33,14 +35,21 @@ module.exports = function(options) {
           if (!req.files)
             req.files = {};
 
-          
           // see: https://github.com/richardgirges/express-fileupload/issues/14
           // firefox uploads empty file in case of cache miss when f5ing page.
           // resulting in unexpected behavior. if there is no file data, the file is invalid.
-          
           if(!buf.length) 
             return;
 
+          if (options.safeFileNames) {
+            if (typeof options.safeFileNames === 'object')
+              safeFileNameRegex = options.safeFileNames;
+
+            filename = filename.replace(safeFileNameRegex, '');
+
+            console.log('filename yo', filename);
+          }
+
           return req.files[fieldname] = {
             name: filename,
             data: buf,
@@ -58,8 +67,6 @@ module.exports = function(options) {
               });
             }
           };
-          
-          
         });
       });