Commit 3ae6c54e authored by Philipp Berger's avatar Philipp Berger

chore: release v1.1.13

parent d671d978
# Changelog
### 1.1.13 (2021-05-26)
* **health-department:** fix: whitlisted special characters for csv
### 1.1.12 (2021-05-26)
* **health-department:** fix: csv sanitization
......
{
"name": "@lucaapp/web",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......
{
"name": "@lucaapp/backend",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......
{
"name": "@lucaapp/contact-form",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......
{
"name": "@lucaapp/health-department",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......
......@@ -9,24 +9,21 @@ export const sanitizeForCSV = value => {
)
return value;
if (typeof value === 'object') return mapValues(value, sanitizeForCSV);
const sanitizedString = value
.replaceAll(
/[^0-9A-Za-zç朌ßäëïöüÿãñõâêîôûáéíóúýàèìòùÄËÏÖÜŸÃÑÕÂÊÎÔÛÁÉÍÓÚÝÀÈÌÒÙÇÆŒŒ]+/gi,
' '
)
// sanitze general
const sanitizedStringGeneral = value
// limit to standard characters
.replaceAll(
/DROP|DELETE|SELECT|INSERT|UPDATE|TRUNCATE|FROM|JOIN|CREATE/gi,
/[^0-9A-Za-zç朌ßäëïöüÿãñõâêîôûáéíóúýàèìòùÄËÏÖÜŸÃÑÕÂÊÎÔÛÁÉÍÓÚÝÀÈÌÒÙÇÆŒŒ.\-@+:]+/gi,
' '
)
// remove new lines
.replaceAll(/[\n\r]/g, ' ')
.replaceAll('"', '""')
.replace(/^\+/, "'+");
const forbiddenLeadingSigns = ['=', '-', '@', '\t'];
// replace leading + with 00 for phone numbers
.replace(/^\+/, '00');
return forbiddenLeadingSigns.includes(sanitizedString?.charAt(0))
? sanitizeForCSV(sanitizedString.slice(1))
: sanitizedString;
// remove leading special characters to avoid formulars
return sanitizedStringGeneral.replaceAll(/^[\t\r"'+=@`-\s]+/g, '_');
};
export const sanitizeObject = object => mapValues(object, sanitizeForCSV);
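Review bot: The allow-list in the first `.replaceAll` of the new `sanitizedStringGeneral` chain is lossy for legitimate contact data: every character outside the listed Latin letters, digits and `.-@+:` becomes a space, so an apostrophe or a letter such as `ł` or `ø` silently alters the exported value, and when it is the first character the final replace turns it into `_`. If an allow-list is kept, Unicode property escapes would cover names outside this list, for example `/[^\p{L}\p{N} .\-@+:]+/gu`, while still dropping quotes, separators and `=`. The `i` flag is redundant because both cases are listed, and `Œ` appears twice. The same chain is duplicated in the second copy of `sanitizeForCSV` later in this commit, and the start of the function lies outside the hunk.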
{
"name": "@lucaapp/locations",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......
import React from 'react';
import FileSaver from 'file-saver';
import sanitize from 'sanitize-filename';
import { useIntl } from 'react-intl';
import { FileProtectOutlined } from '@ant-design/icons';
import { generatePrivateKeyFile } from 'utils/privateKey';
......@@ -28,9 +29,11 @@ export const DownloadPrivateKey = ({
);
FileSaver.saveAs(
fileData,
intl.formatMessage(
{ id: 'downloadFile.groups.publicKey' },
{ name: `${operator.firstName}_${operator.lastName}` }
sanitize(
intl.formatMessage(
{ id: 'downloadFile.groups.publicKey' },
{ name: `${operator.firstName}_${operator.lastName}` }
)
)
);
setHasDownloadedKey(true);
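Review bot: `sanitize` wraps the whole formatted message in the `FileSaver.saveAs` call, so the translated template goes through the same stripping and length truncation as the operator name. sanitize-filename truncates its result to 255 bytes, so a very long `firstName`/`lastName` could cut off a file extension, assuming the template ends with one (the message text is not visible here). Sanitising only the interpolated value would keep the template intact: ``{ name: sanitize(`${operator.firstName}_${operator.lastName}`) }``. The enclosing handler starts and ends outside the hunk.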
......
......@@ -9,6 +9,7 @@ import React, {
import { useIntl } from 'react-intl';
import { jsPDF } from 'jspdf';
import { message } from 'antd';
import sanitize from 'sanitize-filename';
import {
MAX_QR_CODES_FILE,
......@@ -38,7 +39,9 @@ async function generateOneFile({
processedLocation?.name ||
intl.formatMessage({ id: 'location.defaultName' });
locationName = fileNumber ? `${locationName}_${fileNumber}` : locationName;
locationName = sanitize(
fileNumber ? `${locationName}_${fileNumber}` : locationName
);
qrPDF.html(printReference.current, {
callback: pdf => {
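Review bot: `sanitize` can return an empty string (for a location name made only of reserved characters, such as `..` or `???`), and here it runs after the `|| intl.formatMessage({ id: 'location.defaultName' })` fallback, so when `fileNumber` is not set the default no longer protects against an empty file name. Applying the fallback to the sanitised result would cover that case: `locationName = sanitize(locationName) || intl.formatMessage({ id: 'location.defaultName' });`, followed by the existing `fileNumber` suffix. Where `locationName` is handed to the PDF save call is outside the hunk, so how an empty name behaves there needs confirming.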
......
......@@ -9,16 +9,21 @@ export const sanitizeForCSV = value => {
)
return value;
if (typeof value === 'object') return mapValues(value, sanitizeForCSV);
const sanitizedString = value
.replaceAll(/[\n\r]/g, ' ')
.replaceAll('"', '""') // not done by library
.replace(/^\+/, "'+");
const forbiddenLeadingSigns = ['=', '-', '@', '\t'];
// sanitze general
const sanitizedStringGeneral = value
// limit to standard characters
.replaceAll(
/[^0-9A-Za-zç朌ßäëïöüÿãñõâêîôûáéíóúýàèìòùÄËÏÖÜŸÃÑÕÂÊÎÔÛÁÉÍÓÚÝÀÈÌÒÙÇÆŒŒ.\-@+:]+/gi,
' '
)
// remove new lines
.replaceAll(/[\n\r]/g, ' ')
// replace leading + with 00 for phone numbers
.replace(/^\+/, '00');
return forbiddenLeadingSigns.includes(sanitizedString?.charAt(0))
? sanitizeForCSV(sanitizedString.slice(1))
: sanitizedString;
// remove leading special characters to avoid formulars
return sanitizedStringGeneral.replaceAll(/^[\t\r"'+=@`-\s]+/g, '_');
};
export const sanitizeObject = object => mapValues(object, sanitizeForCSV);
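Review bot: The character class in the final `return`, ``/^[\t\r"'+=@`-\s]+/g``, contains `` `-\s ``, which is written as a range ending in a class escape. Without the `u` flag engines read it as backtick, hyphen and whitespace, but the same pattern becomes a SyntaxError once `u` is added, so the hyphen should be last in the class or escaped. `\t` and `\r` are already covered by `\s`, and since the pattern is anchored a plain `replace` is enough: ``return sanitizedStringGeneral.replace(/^[\s"'+=@`-]+/, '_');``. The identical line appears in the first copy of `sanitizeForCSV` earlier in this commit; a unit test with values starting with `=`, `-`, `@`, `+` and a tab would pin the behaviour for both copies.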
{
"name": "@lucaapp/scanner",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......
{
"name": "@lucaapp/webapp",
"version": "1.1.12",
"version": "1.1.13",
"private": true,
"license": "Apache-2.0",
"author": "Culture4Life <hello@luca-app.de> (https://www.luca-app.de/)",
......