Merge pull request #4289 from overleaf/em-sk-rename-sanitize

Do not HTML escape the file name when renaming a file

GitOrigin-RevId: 9b6441e2f53bc34086de9c6a19fa526b833a9134
Eric Mc Sween 2021-07-08 09:54:42 -04:00 committed by Copybot
parent 611019d718
commit ac90b29928
5 changed files with 7 additions and 23 deletions


@ -21,7 +21,6 @@ const CompileManager = require('./CompileManager')
const ClsiManager = require('./ClsiManager')
const logger = require('logger-sharelatex')
const request = require('request')
const sanitize = require('sanitizer')
const Settings = require('@overleaf/settings')
const AuthenticationController = require('../Authentication/AuthenticationController')
const UserGetter = require('../User/UserGetter')
@ -266,7 +265,7 @@ module.exports = CompileController = {
_getSafeProjectName(project) {
const wordRegExp = /\W/g
const safeProjectName = project.name.replace(wordRegExp, '_')
return sanitize.escape(safeProjectName)
return safeProjectName
},
deleteAuxFiles(req, res, next) {
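Review bot: Nothing in `_getSafeProjectName` records why the returned name is still safe now that the `sanitize.escape` call is gone. The `/\W/g` replacement already limits the result to ASCII letters, digits and `_`, so the escape appears to have been a no-op, but that regex is now the only guarantee left. I would add a comment above it such as `// Only [A-Za-z0-9_] survives the replace, so no escaping is needed; revisit if this pattern is ever loosened`. The callers are outside this hunk, so where the name ends up (header, URL or HTML) should be confirmed separately.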


@ -16,7 +16,6 @@
const logger = require('logger-sharelatex')
const OError = require('@overleaf/o-error')
const Metrics = require('@overleaf/metrics')
const sanitize = require('sanitizer')
const ProjectEntityUpdateHandler = require('../Project/ProjectEntityUpdateHandler')
const ProjectOptionsHandler = require('../Project/ProjectOptionsHandler')
const ProjectDetailsHandler = require('../Project/ProjectDetailsHandler')
@ -477,7 +476,6 @@ const EditorController = {
if (callback == null) {
callback = function (error) {}
}
newName = sanitize.escape(newName)
Metrics.inc('editor.rename-entity')
return ProjectEntityUpdateHandler.renameEntity(
project_id,
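Review bot: With `newName = sanitize.escape(newName)` removed, the name passed in reaches `ProjectEntityUpdateHandler.renameEntity` verbatim, and this hunk shows no validation of it. Storing the raw name is reasonable, since encoding belongs at output. But any view that printed entity names unescaped because they were stored pre-escaped would now render markup from a file name, so those sinks need checking. I would add a comment here, for example `// newName is stored as given; encode it for the output context wherever it is rendered`, and a unit test asserting that a constructed name like `a&b.tex` is passed through unchanged. The function body starts and ends outside the hunk, and whether `renameEntity` validates the name is not visible from here.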


@ -13725,7 +13725,7 @@
"bintrees": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/bintrees/-/bintrees-1.0.1.tgz",
"integrity": "sha512-tbaUB1QpTIj4cKY8c1rvNAvEQXA+ekzHmbe4jzNfW3QWsF9GnnP/BRWyl6/qqS53heoYJ93naaFcm/jooONH8g=="
"integrity": "sha1-DmVcm5wkNeqraL9AJyJtK1WjRSQ="
},
"bl": {
"version": "4.0.3",
@ -20045,7 +20045,7 @@
"findit2": {
"version": "2.2.3",
"resolved": "https://registry.npmjs.org/findit2/-/findit2-2.2.3.tgz",
"integrity": "sha512-lg/Moejf4qXovVutL0Lz4IsaPoNYMuxt4PA0nGqFxnJ1CTTGGlEO2wKgoDpwknhvZ8k4Q2F+eesgkLbG2Mxfog=="
"integrity": "sha1-WKRmaX34piBc39vzlVNri9d3pfY="
},
"findup-sync": {
"version": "3.0.0",
@ -25693,7 +25693,7 @@
"mkdirp": {
"version": "0.5.1",
"resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
"integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
"integrity": "sha512-SknJC52obPfGQPnjIkXbmA6+5H15E+fR+E4iR2oQ3zzCLbd7/ONua69R/Gw7AgkTLsRG+r5fzksYwWe1AgTyWA==",
"requires": {
"minimist": "0.0.8"
},
@ -26072,7 +26072,7 @@
"module-details-from-path": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/module-details-from-path/-/module-details-from-path-1.0.3.tgz",
"integrity": "sha512-ySViT69/76t8VhE1xXHK6Ch4NcDd26gx0MzKXLO+F7NOtnqH68d9zF94nT8ZWSxXh8ELOERsnJO/sWt1xZYw5A=="
"integrity": "sha1-EUyUlnPiqKNenTV4hSeqN7Z52is="
},
"moment": {
"version": "2.24.0",
@ -31989,7 +31989,7 @@
"require-like": {
"version": "0.1.2",
"resolved": "https://registry.npmjs.org/require-like/-/require-like-0.1.2.tgz",
"integrity": "sha512-oyrU88skkMtDdauHDuKVrgR+zuItqr6/c//FXzvmxRGMexSDc6hNvJInGW3LL46n+8b50RykrvwSUIIQH2LQ5A==",
"integrity": "sha1-rW8wwTvs15cBDEaK+ndcDAprR/o=",
"dev": true
},
"require-main-filename": {
@ -32538,11 +32538,6 @@
}
}
},
"sanitizer": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/sanitizer/-/sanitizer-0.1.1.tgz",
"integrity": "sha512-/0aR4ibYWaa5DTXWs4HeFoL6m78SKU4oXU3WsTYUkVkmjd5jREVjigEOxqYU0sNNL1T+5C++IDGrHz8iPWEYFA=="
},
"saslprep": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.3.tgz",
@ -35174,7 +35169,7 @@
"tdigest": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/tdigest/-/tdigest-0.1.1.tgz",
"integrity": "sha512-CXcDY/NIgIbKZPx5H4JJNpq6JwJhU5Z4+yWj4ZghDc7/9nVajiRlPPyMXRePPPlBfcayUqtoCXjo7/Hm82ecUA==",
"integrity": "sha1-Ljyyw56kSeVdHmzZEReszKRYgCE=",
"requires": {
"bintrees": "1.0.1"
}


@ -161,7 +161,6 @@
"rimraf": "2.2.6",
"rolling-rate-limiter": "^0.2.10",
"sanitize-html": "^1.27.1",
"sanitizer": "0.1.1",
"scroll-into-view-if-needed": "^2.2.25",
"underscore": "^1.13.1",
"url-parse": "^1.4.7",


@ -23,12 +23,6 @@ describe('UserInfoController', function () {
beforeEach(function () {
this.UserDeleter = { deleteUser: sinon.stub().callsArgWith(1) }
this.UserUpdater = { updatePersonalInfo: sinon.stub() }
this.sanitizer = {
escape(v) {
return v
},
}
sinon.spy(this.sanitizer, 'escape')
this.UserGetter = {}
this.UserInfoController = SandboxedModule.require(modulePath, {
@ -37,7 +31,6 @@ describe('UserInfoController', function () {
'./UserGetter': this.UserGetter,
'./UserUpdater': this.UserUpdater,
'./UserDeleter': this.UserDeleter,
sanitizer: this.sanitizer,
'../Authentication/AuthenticationController': (this.AuthenticationController = {
getLoggedInUserId: sinon.stub(),
}),