frodovdr/node-red
1
0
Fork 0
mirror of https://github.com/node-red/node-red.git synced 2025-03-01 10:36:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Validate user-provided language parameter before passing to i18n

Browse Source
This commit is contained in:
Nick O'Leary
2021-01-25 17:06:27 +00:00
parent 79473c243d
commit a0f736bb88
3 changed files with 46 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
packages/node_modules/@node-red/runtime/lib/api/nodes.js vendored
View File

@@ -99,6 +99,10 @@ var api = module.exports = {
return new Promise(function(resolve,reject) {
var id = opts.id;
var lang = opts.lang;
if (/[^a-z\-]/i.test(opts.lang)) {
reject(new Error("Invalid language: "+opts.lang));
return
}
var result = runtime.nodes.getNodeConfig(id,lang);
if (result) {
runtime.log.audit({event: "nodes.config.get",id:id}, opts.req);
@@ -124,6 +128,10 @@ var api = module.exports = {
getNodeConfigs: function(opts) {
return new Promise(function(resolve,reject) {
runtime.log.audit({event: "nodes.configs.get"}, opts.req);
if (/[^a-z\-]/i.test(opts.lang)) {
reject(new Error("Invalid language: "+opts.lang));
return
}
return resolve(runtime.nodes.getNodeConfigs(opts.lang));
});
},
@@ -398,6 +406,10 @@ var api = module.exports = {
var namespace = opts.module;
var lang = opts.lang;
var prevLang = runtime.i18n.i.language;
if (/[^a-z\-]/i.test(lang)) {
reject(new Error("Invalid language: "+lang));
return
}
// Trigger a load from disk of the language if it is not the default
runtime.i18n.i.changeLanguage(lang, function(){
var nodeList = runtime.nodes.getNodeList();
@@ -427,6 +439,10 @@ var api = module.exports = {
return new Promise(function(resolve,reject) {
var namespace = opts.module;
var lang = opts.lang;
if (/[^a-z\-]/i.test(lang)) {
reject(new Error("Invalid language: "+lang));
return
}
var prevLang = runtime.i18n.i.language;
// Trigger a load from disk of the language if it is not the default
runtime.i18n.i.changeLanguage(lang, function(){