Upload & Replace does not show loading bar correctly

See the following screenshot:

The bar is not green. The bar then changes to green, when clicking on the upload link.

mentioned in issue #2572 (closed)

That was intentional but probably not ideal. If we want the upload to automatically occur, then we would need to use the uploader controller to store the file, dynamically get back the filename, and then pass the filename to the blob controller. Let me look into that.

Ah, ok. I was confused of the Remove file, of which I was thinking of it was already uploaded.

Status changed to closed

FYI, I looked into this briefly. It's easy to use the existing uploader controller to save the file away and get back a filename, but it's a bit hard to do this all securely.

The uploader controller was designed to provide a URL for Markdown areas, not as a way to stage files for commits. The difference manifests when the blob controller needs to read the stored file, but how does it get the filename? If it gets this from the form, a user could potentially inject arbitrary filenames. This could be mitigated by restricting the blob uploads to a sandboxed area. Alternatively, the upload controller could store the last uploaded filename internally (e.g. via database or session data), and the form submission would just kick things off.

mentioned in merge request !14785