- Fix delete for domain and Root File Manager: use sudo helper when
lscpd/executioner fails (TOKEN/sendCommand issues)
- Add safe-delete-path and safe-move-path helpers for base64 path handling
- Add ACLManager.isPathInsideHome and isFilePathSafeForShell for path validation
- Fix upload authorization for Root File Manager (domainName empty)
- Harden outputExecutioner result checks to prevent 500 on None
- Update Bootstrap CDN for CSP compatibility
- Improve error display and a11y focus management in modals
- Resolves#1670: files with special characters can be uploaded/deleted
- Changed from incorrect URI splitting to proper request.GET.get() method
- Added proper URL decoding with unquote()
- Fixed both downloadFile and RootDownloadFile functions
- Added path normalization for additional security
- Added file existence validation
- Improved error messages to match reported error format
This fixes the 'Unauthorized access: Not a valid file' error when downloading files from the file manager.
