extern/bruno
1
0
Fork 1
mirror of https://github.com/usebruno/bruno.git synced 2025-08-09 13:25:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix/invalid file name handling (#3274)

Browse Source 
* feat: implement utility function `isValidFilename`
* refactor: added filename validator checks for `rename-item` and `new-request`
* chore: added `fileName.startsWith('.')`
This commit is contained in:
Pragadesh-45
2024-11-29 12:04:59 +05:30
committed by GitHub
parent 39a44e9b4f
commit 707cddea90
2 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
packages/bruno-electron/src/ipc/collection.js
View File

@ -17,7 +17,8 @@ const {
isWSLPath, isWSLPath,
normalizeWslPath, normalizeWslPath,
normalizeAndResolvePath, normalizeAndResolvePath,
safeToRename safeToRename,
isValidFilename
} = require('../utils/filesystem'); } = require('../utils/filesystem');
const { openCollectionDialog } = require('../app/collections'); const { openCollectionDialog } = require('../app/collections');
const { generateUidBasedOnHash, stringifyJson, safeParseJSON, safeStringifyJSON } = require('../utils/common'); const { generateUidBasedOnHash, stringifyJson, safeParseJSON, safeStringifyJSON } = require('../utils/common');
@ -201,7 +202,9 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection
if (fs.existsSync(pathname)) { if (fs.existsSync(pathname)) {
throw new Error(`path: ${pathname} already exists`); throw new Error(`path: ${pathname} already exists`);
} }
if (!isValidFilename(request.name)) {
throw new Error(`path: ${request.name}.bru is not a valid filename`);
}
const content = jsonToBru(request); const content = jsonToBru(request);
await writeFile(pathname, content); await writeFile(pathname, content);
} catch (error) { } catch (error) {
@ -366,6 +369,10 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection
throw new Error(`path: ${oldPath} is not a bru file`); throw new Error(`path: ${oldPath} is not a bru file`);
} }
if (!isValidFilename(newName)) {
throw new Error(`path: ${newName} is not a valid filename`);
}
// update name in file and save new copy, then delete old copy // update name in file and save new copy, then delete old copy
const data = fs.readFileSync(oldPath, 'utf8'); const data = fs.readFileSync(oldPath, 'utf8');
const jsonData = bruToJson(data); const jsonData = bruToJson(data);

17
packages/bruno-electron/src/utils/filesystem.js
View File

@ -160,6 +160,20 @@ const sanitizeDirectoryName = (name) => {
return name.replace(/[<>:"/\\|?*\x00-\x1F]+/g, '-'); return name.replace(/[<>:"/\\|?*\x00-\x1F]+/g, '-');
}; };
const isValidFilename = (fileName) => {
const inValidChars = /[\\/:*?"<>|]/;
if (!fileName || inValidChars.test(fileName)) {
return false;
}
if (fileName.endsWith(' ') || fileName.endsWith('.') || fileName.startsWith('.')) {
return false;
}
return true;
};
const safeToRename = (oldPath, newPath) => { const safeToRename = (oldPath, newPath) => {
try { try {
// If the new path doesn't exist, it's safe to rename // If the new path doesn't exist, it's safe to rename
@ -204,5 +218,6 @@ module.exports = {
searchForFiles, searchForFiles,
searchForBruFiles, searchForBruFiles,
sanitizeDirectoryName, sanitizeDirectoryName,
safeToRename safeToRename,
isValidFilename
}; };