From 316b6323384b6da77c01d6b8e797021e72fe75f6 Mon Sep 17 00:00:00 2001 From: Pragadesh-45 <54320162+Pragadesh-45@users.noreply.github.com> Date: Sun, 15 Dec 2024 16:38:56 +0530 Subject: [PATCH] refactor: add sanitization for collection names and improve directory name handling (#3559) --- packages/bruno-electron/src/ipc/collection.js | 10 +++++++++- packages/bruno-electron/src/utils/filesystem.js | 7 ++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/packages/bruno-electron/src/ipc/collection.js b/packages/bruno-electron/src/ipc/collection.js index ef6f98218..d1ff7c3f9 100644 --- a/packages/bruno-electron/src/ipc/collection.js +++ b/packages/bruno-electron/src/ipc/collection.js @@ -20,6 +20,7 @@ const { normalizeWslPath, normalizeAndResolvePath, safeToRename, + sanitizeCollectionName, isWindowsOS, isValidFilename, hasSubDirectories, @@ -68,6 +69,8 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection 'renderer:create-collection', async (event, collectionName, collectionFolderName, collectionLocation) => { try { + collectionFolderName = sanitizeDirectoryName(collectionFolderName); + collectionName = sanitizeCollectionName(collectionName); const dirPath = path.join(collectionLocation, collectionFolderName); if (fs.existsSync(dirPath)) { const files = fs.readdirSync(dirPath); @@ -105,6 +108,7 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection ipcMain.handle( 'renderer:clone-collection', async (event, collectionName, collectionFolderName, collectionLocation, previousPath) => { + collectionFolderName = sanitizeCollectionName(collectionFolderName); const dirPath = path.join(collectionLocation, collectionFolderName); if (fs.existsSync(dirPath)) { throw new Error(`collection: ${dirPath} already exists`); @@ -150,6 +154,7 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection // rename collection ipcMain.handle('renderer:rename-collection', async (event, newName, collectionPathname) => { try { + newName = sanitizeCollectionName(newName); const brunoJsonFilePath = path.join(collectionPathname, 'bruno.json'); const content = fs.readFileSync(brunoJsonFilePath, 'utf8'); const json = JSON.parse(content); @@ -442,6 +447,8 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection // new folder ipcMain.handle('renderer:new-folder', async (event, pathname) => { + const resolvedFolderName = sanitizeDirectoryName(path.basename(pathname)); + pathname = path.join(path.dirname(pathname), resolvedFolderName); try { if (!fs.existsSync(pathname)) { fs.mkdirSync(pathname); @@ -500,7 +507,7 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection ipcMain.handle('renderer:import-collection', async (event, collection, collectionLocation) => { try { - let collectionName = sanitizeDirectoryName(collection.name); + let collectionName = sanitizeCollectionName(collection.name); let collectionPath = path.join(collectionLocation, collectionName); if (fs.existsSync(collectionPath)) { @@ -516,6 +523,7 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection fs.writeFileSync(filePath, content); } if (item.type === 'folder') { + item.name = sanitizeDirectoryName(item.name); const folderPath = path.join(currentPath, item.name); fs.mkdirSync(folderPath); diff --git a/packages/bruno-electron/src/utils/filesystem.js b/packages/bruno-electron/src/utils/filesystem.js index ec393bd51..d2f74d10e 100644 --- a/packages/bruno-electron/src/utils/filesystem.js +++ b/packages/bruno-electron/src/utils/filesystem.js @@ -161,8 +161,12 @@ const searchForBruFiles = (dir) => { return searchForFiles(dir, '.bru'); }; +const sanitizeCollectionName = (name) => { + return name.trim(); +} + const sanitizeDirectoryName = (name) => { - return name.replace(/[<>:"/\\|?*\x00-\x1F]+/g, '-'); + return name.replace(/[<>:"/\\|?*\x00-\x1F]+/g, '-').trim(); }; const isWindowsOS = () => { @@ -227,6 +231,7 @@ module.exports = { searchForFiles, searchForBruFiles, sanitizeDirectoryName, + sanitizeCollectionName, isWindowsOS, safeToRename, isValidFilename,