Merge pull request #4289 from overleaf/em-sk-rename-sanitize

Do not HTML escape the file name when renaming a file GitOrigin-RevId: 9b6441e2f53bc34086de9c6a19fa526b833a9134
2024-11-07 20:31:06 -05:00 · 2021-07-08 09:54:42 -04:00 · 2021-07-08 09:54:42 -04:00 · ac90b29928
commit ac90b29928
parent 611019d718
5 changed files with 7 additions and 23 deletions
--- a/services/web/app/src/Features/Compile/CompileController.js
+++ b/services/web/app/src/Features/Compile/CompileController.js
@ -21,7 +21,6 @@ const CompileManager = require('./CompileManager')
 const ClsiManager = require('./ClsiManager')
 const logger = require('logger-sharelatex')
 const request = require('request')
-const sanitize = require('sanitizer')
 const Settings = require('@overleaf/settings')
 const AuthenticationController = require('../Authentication/AuthenticationController')
 const UserGetter = require('../User/UserGetter')
@ -266,7 +265,7 @@ module.exports = CompileController = {
  _getSafeProjectName(project) {
    const wordRegExp = /\W/g
    const safeProjectName = project.name.replace(wordRegExp, '_')
-    return sanitize.escape(safeProjectName)
+    return safeProjectName
  },

  deleteAuxFiles(req, res, next) {
--- a/services/web/app/src/Features/Editor/EditorController.js
+++ b/services/web/app/src/Features/Editor/EditorController.js
@ -16,7 +16,6 @@
 const logger = require('logger-sharelatex')
 const OError = require('@overleaf/o-error')
 const Metrics = require('@overleaf/metrics')
-const sanitize = require('sanitizer')
 const ProjectEntityUpdateHandler = require('../Project/ProjectEntityUpdateHandler')
 const ProjectOptionsHandler = require('../Project/ProjectOptionsHandler')
 const ProjectDetailsHandler = require('../Project/ProjectDetailsHandler')
@ -477,7 +476,6 @@ const EditorController = {
    if (callback == null) {
      callback = function (error) {}
    }
-    newName = sanitize.escape(newName)
    Metrics.inc('editor.rename-entity')
    return ProjectEntityUpdateHandler.renameEntity(
      project_id,
--- a/services/web/package-lock.json
+++ b/services/web/package-lock.json
@ -13725,7 +13725,7 @@
    "bintrees": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/bintrees/-/bintrees-1.0.1.tgz",
-      "integrity": "sha512-tbaUB1QpTIj4cKY8c1rvNAvEQXA+ekzHmbe4jzNfW3QWsF9GnnP/BRWyl6/qqS53heoYJ93naaFcm/jooONH8g=="
+      "integrity": "sha1-DmVcm5wkNeqraL9AJyJtK1WjRSQ="
    },
    "bl": {
      "version": "4.0.3",
@ -20045,7 +20045,7 @@
    "findit2": {
      "version": "2.2.3",
      "resolved": "https://registry.npmjs.org/findit2/-/findit2-2.2.3.tgz",
-      "integrity": "sha512-lg/Moejf4qXovVutL0Lz4IsaPoNYMuxt4PA0nGqFxnJ1CTTGGlEO2wKgoDpwknhvZ8k4Q2F+eesgkLbG2Mxfog=="
+      "integrity": "sha1-WKRmaX34piBc39vzlVNri9d3pfY="
    },
    "findup-sync": {
      "version": "3.0.0",
@ -25693,7 +25693,7 @@
    "mkdirp": {
      "version": "0.5.1",
      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
-      "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
+      "integrity": "sha512-SknJC52obPfGQPnjIkXbmA6+5H15E+fR+E4iR2oQ3zzCLbd7/ONua69R/Gw7AgkTLsRG+r5fzksYwWe1AgTyWA==",
      "requires": {
        "minimist": "0.0.8"
      },
@ -26072,7 +26072,7 @@
    "module-details-from-path": {
      "version": "1.0.3",
      "resolved": "https://registry.npmjs.org/module-details-from-path/-/module-details-from-path-1.0.3.tgz",
-      "integrity": "sha512-ySViT69/76t8VhE1xXHK6Ch4NcDd26gx0MzKXLO+F7NOtnqH68d9zF94nT8ZWSxXh8ELOERsnJO/sWt1xZYw5A=="
+      "integrity": "sha1-EUyUlnPiqKNenTV4hSeqN7Z52is="
    },
    "moment": {
      "version": "2.24.0",
@ -31989,7 +31989,7 @@
    "require-like": {
      "version": "0.1.2",
      "resolved": "https://registry.npmjs.org/require-like/-/require-like-0.1.2.tgz",
-      "integrity": "sha512-oyrU88skkMtDdauHDuKVrgR+zuItqr6/c//FXzvmxRGMexSDc6hNvJInGW3LL46n+8b50RykrvwSUIIQH2LQ5A==",
+      "integrity": "sha1-rW8wwTvs15cBDEaK+ndcDAprR/o=",
      "dev": true
    },
    "require-main-filename": {
@ -32538,11 +32538,6 @@
        }
      }
    },
-    "sanitizer": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/sanitizer/-/sanitizer-0.1.1.tgz",
-      "integrity": "sha512-/0aR4ibYWaa5DTXWs4HeFoL6m78SKU4oXU3WsTYUkVkmjd5jREVjigEOxqYU0sNNL1T+5C++IDGrHz8iPWEYFA=="
-    },
    "saslprep": {
      "version": "1.0.3",
      "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.3.tgz",
@ -35174,7 +35169,7 @@
    "tdigest": {
      "version": "0.1.1",
      "resolved": "https://registry.npmjs.org/tdigest/-/tdigest-0.1.1.tgz",
-      "integrity": "sha512-CXcDY/NIgIbKZPx5H4JJNpq6JwJhU5Z4+yWj4ZghDc7/9nVajiRlPPyMXRePPPlBfcayUqtoCXjo7/Hm82ecUA==",
+      "integrity": "sha1-Ljyyw56kSeVdHmzZEReszKRYgCE=",
      "requires": {
        "bintrees": "1.0.1"
      }
--- a/services/web/package.json
+++ b/services/web/package.json
@ -161,7 +161,6 @@
    "rimraf": "2.2.6",
    "rolling-rate-limiter": "^0.2.10",
    "sanitize-html": "^1.27.1",
-    "sanitizer": "0.1.1",
    "scroll-into-view-if-needed": "^2.2.25",
    "underscore": "^1.13.1",
    "url-parse": "^1.4.7",
--- a/services/web/test/unit/src/User/UserInfoControllerTests.js
+++ b/services/web/test/unit/src/User/UserInfoControllerTests.js
@ -23,12 +23,6 @@ describe('UserInfoController', function () {
  beforeEach(function () {
    this.UserDeleter = { deleteUser: sinon.stub().callsArgWith(1) }
    this.UserUpdater = { updatePersonalInfo: sinon.stub() }
-    this.sanitizer = {
-      escape(v) {
-        return v
-      },
-    }
-    sinon.spy(this.sanitizer, 'escape')
    this.UserGetter = {}

    this.UserInfoController = SandboxedModule.require(modulePath, {
@ -37,7 +31,6 @@ describe('UserInfoController', function () {
        './UserGetter': this.UserGetter,
        './UserUpdater': this.UserUpdater,
        './UserDeleter': this.UserDeleter,
-        sanitizer: this.sanitizer,
        '../Authentication/AuthenticationController': (this.AuthenticationController = {
          getLoggedInUserId: sinon.stub(),
        }),