Local-GitHub-Proxy/Sub-Store
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/sub-store-org/Sub-Store.git synced 2026-04-05 07:13:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: Restrict artifact name in order to fix a Gist API bug

Browse Source
This commit is contained in:
Peng-YM
2022-07-08 10:47:38 +08:00
parent b1d811e4c5
commit 8aed0665e3
5 changed files with 35 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
backend/src/restful/artifacts.js
View File

@@ -64,6 +64,17 @@ async function getArtifact(req, res) {
function createArtifact(req, res) {
const artifact = req.body;
if (!validateArtifactName(artifact.name)) {
failed(
res,
new RequestInvalidError(
'INVALID_ARTIFACT_NAME',
`Artifact name ${artifact.name} is invalid.`,
),
);
return;
}
$.info(`正在创建远程配置:${artifact.name}`);
const allArtifacts = $.read(ARTIFACTS_KEY);
if (findByName(allArtifacts, artifact.name)) {
@@ -92,6 +103,16 @@ function updateArtifact(req, res) {
...artifact,
...req.body,
};
if (!validateArtifactName(newArtifact.name)) {
failed(
res,
new RequestInvalidError(
'INVALID_ARTIFACT_NAME',
`Artifact name ${newArtifact.name} is invalid.`,
),
);
return;
}
updateByName(allArtifacts, oldName, newArtifact);
$.write(allArtifacts, ARTIFACTS_KEY);
success(res, newArtifact);
@@ -407,4 +428,8 @@ async function produceArtifact({ type, name, platform }) {
}
}
function validateArtifactName(name) {
return /^[a-zA-Z0-9._-]*$/.test(name);
}
export { syncToGist, produceArtifact };