diff options
| author | Christoph (Sheogorath) Kern | 2018-03-18 15:13:06 +0100 |
|---|---|---|
| committer | GitHub | 2018-03-18 15:13:06 +0100 |
| commit | f6df2deb8439dda4576ee70691c98c1ab53c965d (patch) | |
| tree | 6a56c539e86058cf89a50636b451167fc3a75f83 /lib/models | |
| parent | 6b30f662725b54d9c0ef3954fdb5a463da697cc2 (diff) | |
| parent | 8bfe51940f2eff035394b7713cbbce5b9b446842 (diff) | |
Merge pull request #743 from hackmdio/fix-to-use-url-safe-base64
Fix to use url-safe base64 in note url
Diffstat (limited to '')
| -rw-r--r-- | lib/models/note.js | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/lib/models/note.js b/lib/models/note.js index 484f1a8c..d615bcf7 100644 --- a/lib/models/note.js +++ b/lib/models/note.js @@ -3,6 +3,7 @@ var fs = require('fs') var path = require('path') var LZString = require('lz-string') +var base64url = require('base64url') var md = require('markdown-it')() var metaMarked = require('meta-marked') var cheerio = require('cheerio') @@ -114,6 +115,24 @@ module.exports = function (sequelize, DataTypes) { return false } }, + encodeNoteId: function (id) { + // remove dashes in UUID and encode in url-safe base64 + let str = id.replace(/-/g, '') + let hexStr = Buffer.from(str, 'hex') + return base64url.encode(hexStr) + }, + decodeNoteId: function (encodedId) { + // decode from url-safe base64 + let id = base64url.toBuffer(encodedId).toString('hex') + // add dashes between the UUID string parts + let idParts = [] + idParts.push(id.substr(0, 8)) + idParts.push(id.substr(8, 4)) + idParts.push(id.substr(12, 4)) + idParts.push(id.substr(16, 4)) + idParts.push(id.substr(20, 12)) + return idParts.join('-') + }, checkNoteIdValid: function (id) { var uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i var result = id.match(uuidRegex) @@ -190,13 +209,25 @@ module.exports = function (sequelize, DataTypes) { return _callback(err, null) }) }, + // parse note id by LZString is deprecated, here for compability parseNoteIdByLZString: function (_callback) { // try to parse note id by LZString Base64 try { var id = LZString.decompressFromBase64(noteId) if (id && Note.checkNoteIdValid(id)) { return callback(null, id) } else { return _callback(null, null) } } catch (err) { - return _callback(err, null) + logger.error(err) + return _callback(null, null) + } + }, + parseNoteIdByBase64Url: function (_callback) { + // try to parse note id by base64url + try { + var id = Note.decodeNoteId(noteId) + if (id && Note.checkNoteIdValid(id)) { return callback(null, id) } else { return _callback(null, null) } + } catch (err) { + logger.error(err) + return _callback(null, null) } }, parseNoteIdByShortId: function (_callback) { |