summaryrefslogtreecommitdiff
path: root/lib/models
diff options
context:
space:
mode:
authorChristoph (Sheogorath) Kern2018-03-18 15:13:06 +0100
committerGitHub2018-03-18 15:13:06 +0100
commitf6df2deb8439dda4576ee70691c98c1ab53c965d (patch)
tree6a56c539e86058cf89a50636b451167fc3a75f83 /lib/models
parent6b30f662725b54d9c0ef3954fdb5a463da697cc2 (diff)
parent8bfe51940f2eff035394b7713cbbce5b9b446842 (diff)
Merge pull request #743 from hackmdio/fix-to-use-url-safe-base64
Fix to use url-safe base64 in note url
Diffstat (limited to 'lib/models')
-rw-r--r--lib/models/note.js33
1 files changed, 32 insertions, 1 deletions
diff --git a/lib/models/note.js b/lib/models/note.js
index 484f1a8c..d615bcf7 100644
--- a/lib/models/note.js
+++ b/lib/models/note.js
@@ -3,6 +3,7 @@
var fs = require('fs')
var path = require('path')
var LZString = require('lz-string')
+var base64url = require('base64url')
var md = require('markdown-it')()
var metaMarked = require('meta-marked')
var cheerio = require('cheerio')
@@ -114,6 +115,24 @@ module.exports = function (sequelize, DataTypes) {
return false
}
},
+ encodeNoteId: function (id) {
+ // remove dashes in UUID and encode in url-safe base64
+ let str = id.replace(/-/g, '')
+ let hexStr = Buffer.from(str, 'hex')
+ return base64url.encode(hexStr)
+ },
+ decodeNoteId: function (encodedId) {
+ // decode from url-safe base64
+ let id = base64url.toBuffer(encodedId).toString('hex')
+ // add dashes between the UUID string parts
+ let idParts = []
+ idParts.push(id.substr(0, 8))
+ idParts.push(id.substr(8, 4))
+ idParts.push(id.substr(12, 4))
+ idParts.push(id.substr(16, 4))
+ idParts.push(id.substr(20, 12))
+ return idParts.join('-')
+ },
checkNoteIdValid: function (id) {
var uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
var result = id.match(uuidRegex)
@@ -190,13 +209,25 @@ module.exports = function (sequelize, DataTypes) {
return _callback(err, null)
})
},
+ // parse note id by LZString is deprecated, here for compability
parseNoteIdByLZString: function (_callback) {
// try to parse note id by LZString Base64
try {
var id = LZString.decompressFromBase64(noteId)
if (id && Note.checkNoteIdValid(id)) { return callback(null, id) } else { return _callback(null, null) }
} catch (err) {
- return _callback(err, null)
+ logger.error(err)
+ return _callback(null, null)
+ }
+ },
+ parseNoteIdByBase64Url: function (_callback) {
+ // try to parse note id by base64url
+ try {
+ var id = Note.decodeNoteId(noteId)
+ if (id && Note.checkNoteIdValid(id)) { return callback(null, id) } else { return _callback(null, null) }
+ } catch (err) {
+ logger.error(err)
+ return _callback(null, null)
}
},
parseNoteIdByShortId: function (_callback) {