-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release/v1.10.0 #583
base: master
Are you sure you want to change the base?
Release/v1.10.0 #583
Conversation
LinneyS
commented
Jul 31, 2024
- nodejs: tabs menu
- nodejs: converting function on index page
- java-spring: using java docs-integration-sdk
- creating and editing pdf instead docxf
- filling by default
- forgotten files
- delete all files
- save as for pdf
- handling conversion -9 error
- change inserted image
- different goback for users
Feature/php forced conversion
…inside remove http method
build(ruby): updated gemfile.lock to 0 vulnerabilities
# Conflicts: # web/documentserver-example/ruby/Gemfile.lock
Fix/nodejs conversion error
fileSystem.writeFileSync(req.DocManager.storagePath(correctName), data); | ||
fileSystem.unlinkSync(req.DocManager.storagePath(fileName)); // remove file with the origin extension | ||
if (fileUtility.getFileType(correctName) !== null) { | ||
fileSystem.writeFileSync(req.DocManager.storagePath(correctName), data); |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
|
||
const userAddress = req.DocManager.curUserHostAddress(); | ||
const historyPath = req.DocManager.historyPath(fileName, userAddress, true); | ||
// get the history path to the file with a new extension | ||
const correctHistoryPath = req.DocManager.historyPath(correctName, userAddress, true); | ||
|
||
fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path | ||
if (!keepOriginal) { | ||
fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
This path depends on a
user-provided value
|
||
const userAddress = req.DocManager.curUserHostAddress(); | ||
const historyPath = req.DocManager.historyPath(fileName, userAddress, true); | ||
// get the history path to the file with a new extension | ||
const correctHistoryPath = req.DocManager.historyPath(correctName, userAddress, true); | ||
|
||
fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path | ||
if (!keepOriginal) { | ||
fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
path.join(correctHistoryPath, `${correctName}.txt`), | ||
); // change the name of the .txt file with document information | ||
fileSystem.renameSync( | ||
path.join(correctHistoryPath, `${fileName}.txt`), |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
This path depends on a
user-provided value
); // change the name of the .txt file with document information | ||
fileSystem.renameSync( | ||
path.join(correctHistoryPath, `${fileName}.txt`), | ||
path.join(correctHistoryPath, `${correctName}.txt`), |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
// DocManager.cleanFolderRecursive(uploadDirTmp, true); // if not, clean the folder with temporary files | ||
res.writeHead(200, { 'Content-Type': 'text/plain' }); // and write the error status and message to the response | ||
res.write('{ "error": "File type is not supported"}'); | ||
res.end(); | ||
return; | ||
} | ||
|
||
fileSystem.rename(file.path, `${uploadDir}/${file.name}`, (error) => { // rename a file | ||
fileSystem.rename(file.filepath, `${uploadDir}/${file.originalFilename}`, (error) => { // rename a file |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
// DocManager.cleanFolderRecursive(uploadDirTmp, true); // if not, clean the folder with temporary files | ||
res.writeHead(200, { 'Content-Type': 'text/plain' }); // and write the error status and message to the response | ||
res.write('{ "error": "File type is not supported"}'); | ||
res.end(); | ||
return; | ||
} | ||
|
||
fileSystem.rename(file.path, `${uploadDir}/${file.name}`, (error) => { // rename a file | ||
fileSystem.rename(file.filepath, `${uploadDir}/${file.originalFilename}`, (error) => { // rename a file |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
window.open(url, "_blank"); | ||
jq('#hiddenFileName').val(""); | ||
jq.unblockUI(); | ||
window.location = collectParams(); |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML Medium
DOM text
DOM text
DOM text
DOM text
DOM text
window.open(url, "_blank"); | ||
jq('#hiddenFileName').val(""); | ||
jq.unblockUI(); | ||
window.location = collectParams(); |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML Medium
DOM text
DOM text
DOM text
DOM text
DOM text
url: "file", | ||
complete: function (data) { | ||
if (JSON.parse(data.responseText).success) { | ||
window.location = collectParams(); |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML Medium
DOM text
DOM text
DOM text
DOM text
DOM text
chore(ruby): update dependencies
@@ -464,8 +464,12 @@ | |||
for (let i = 1; i <= countVersion; i++) { // get keys to all the file versions | |||
if (i < countVersion) { | |||
const keyPath = this.keyPath(fileName, userAddress, i); | |||
if (!fileSystem.existsSync(keyPath)) continue; | |||
keyVersion = `${fileSystem.readFileSync(keyPath)}`; | |||
if (!fileSystem.existsSync(keyPath)) { |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
This path depends on a
user-provided value
keyVersion = userAddress + fileName + Date.now(); | ||
keyVersion = documentService.generateRevisionId(keyVersion); | ||
} else { | ||
keyVersion = `${fileSystem.readFileSync(keyPath)}`; |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
This path depends on a
user-provided value
fde930d
to
09344f6
Compare
…g 69948' (#2) from fix/java-check-file-exist into release/v1.10.0 Reviewed-on: https://git.onlyoffice.com/ONLYOFFICE/document-server-integration/pulls/2