From e094ea3d2a30e677c343f764bced305c99de0c28 Mon Sep 17 00:00:00 2001 From: Matthias Uttendorfer Date: Tue, 13 Nov 2018 23:05:19 +0100 Subject: [PATCH 1/3] Add quotation marks for basic auth challenge This is required by RFC 2617 --- red.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/red.js b/red.js index c7dc8b131..94a0b26bb 100755 --- a/red.js +++ b/red.js @@ -240,7 +240,7 @@ function basicAuthMiddleware(user,pass) { } var requestUser = basicAuth(req); if (!requestUser || requestUser.name !== user || !checkPasswordAndCache(requestUser.pass)) { - res.set('WWW-Authenticate', 'Basic realm=Authorization Required'); + res.set('WWW-Authenticate', 'Basic realm="Authorization Required"'); return res.sendStatus(401); } next(); From 06a1f303501ae5deb03976a24820aa005e03822f Mon Sep 17 00:00:00 2001 From: Arun Nattarayan Date: Fri, 30 Nov 2018 20:04:12 +0530 Subject: [PATCH 2/3] Added validation while export into library --- editor/js/ui/library.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/editor/js/ui/library.js b/editor/js/ui/library.js index 2f78828c3..e64a7c462 100644 --- a/editor/js/ui/library.js +++ b/editor/js/ui/library.js @@ -447,7 +447,9 @@ RED.library = (function() { click: function() { //TODO: move this to RED.library var flowName = $("#node-input-library-filename").val(); - if (!/^\s*$/.test(flowName)) { + if(flowName.split(/[\\/]/).pop() === "" || /^\s*$/.test(flowName)) { + RED.notify(RED._("library.invalidFilename"),"warning"); + } else { $.ajax({ url:'library/flows/'+flowName, type: "POST", From 7b80ae42e1cb38bd9c57e5dc9518ccd499672c48 Mon Sep 17 00:00:00 2001 From: Nick O'Leary Date: Thu, 6 Dec 2018 19:20:43 +0530 Subject: [PATCH 3/3] removed regex in if statement Co-Authored-By: arunnattarayan --- editor/js/ui/library.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/editor/js/ui/library.js b/editor/js/ui/library.js index e64a7c462..a3419f99a 100644 --- a/editor/js/ui/library.js +++ b/editor/js/ui/library.js @@ -447,7 +447,8 @@ RED.library = (function() { click: function() { //TODO: move this to RED.library var flowName = $("#node-input-library-filename").val(); - if(flowName.split(/[\\/]/).pop() === "" || /^\s*$/.test(flowName)) { + flowName = flowName.trim(); + if(flowName === "" || flowName.endsWith("/")) { RED.notify(RED._("library.invalidFilename"),"warning"); } else { $.ajax({