fix: injection

lin onetwo 2025-11-09 17:11:04 +08:00
parent abba113a43
commit d08480861a
2 changed files with 5 additions and 23 deletions


@ -498,9 +498,10 @@ When('I open edit workspace window for workspace with name {string}', async func
} }
// Call the window service to open edit workspace window // Call the window service to open edit workspace window
// Safely pass workspaceId using JSON serialization to avoid string interpolation vulnerability
await mainWindow.webContents.executeJavaScript(` await mainWindow.webContents.executeJavaScript(`
(async () => { (async () => {
await window.service.window.open('editWorkspace', { workspaceID: '${workspaceId}' }); await window.service.window.open('editWorkspace', { workspaceID: ${JSON.stringify(workspaceId)} });
})(); })();
`); `);
}, targetWorkspaceId); }, targetWorkspaceId);
@ -557,11 +558,12 @@ When('I create a new wiki workspace with name {string}', async function(this: Ap
} }
// Call workspace service to create new workspace // Call workspace service to create new workspace
// Safely pass parameters using JSON serialization to avoid string interpolation vulnerability
await mainWindow.webContents.executeJavaScript(` await mainWindow.webContents.executeJavaScript(`
(async () => { (async () => {
await window.service.workspace.create({ await window.service.workspace.create({
name: '${wikiName}', name: ${JSON.stringify(wikiName)},
wikiFolderLocation: '${wikiFullPath.replace(/\\/g, '\\\\')}', wikiFolderLocation: ${JSON.stringify(wikiFullPath)},
isSubWiki: false, isSubWiki: false,
storageService: 'local', storageService: 'local',
}); });
@ -607,7 +609,6 @@ async function clearHibernationTestData() {
// eslint-disable-next-line @typescript-eslint/no-dynamic-delete // eslint-disable-next-line @typescript-eslint/no-dynamic-delete
delete settings.workspaces[wiki2WorkspaceId]; delete settings.workspaces[wiki2WorkspaceId];
await fs.writeJson(settingsPath, settings, { spaces: 2 }); await fs.writeJson(settingsPath, settings, { spaces: 2 });
console.log(`Removed wiki2 workspace config: ${wiki2WorkspaceId}`);
} }
} }
} catch (error) { } catch (error) {
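Review bot: Both `executeJavaScript` calls still assemble renderer source text from test data, so the fix holds only as long as every value is wrapped in `JSON.stringify` by hand; this applies to the `workspaceID` line in the first hunk and to `name` and `wikiFolderLocation` in the second. `JSON.stringify` is the right encoding for a JavaScript literal position, but it returns `undefined` for an undefined input, which would interpolate as the bare word `undefined` instead of failing. A guard before the call, such as `if (typeof workspaceId !== 'string') throw new Error('workspaceId must be a string');`, would make a failed lookup visible. If a Playwright `Page` for the main window is available in these steps (not visible here), passing the value as an argument avoids building source text at all: `await page.evaluate(id => window.service.window.open('editWorkspace', { workspaceID: id }), workspaceId);`. Both step bodies start and end outside the hunks shown.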


@ -4,25 +4,6 @@ import type { ElectronApplication } from 'playwright';
import type { ApplicationWorld } from './application'; import type { ApplicationWorld } from './application';
import { checkWindowDimension, checkWindowName } from './application'; import { checkWindowDimension, checkWindowName } from './application';
// Helper function to open edit workspace window by calling the service
export async function openEditWorkspaceWindow(app: ElectronApplication, workspaceId: string): Promise<void> {
await app.evaluate(async ({ BrowserWindow }, workspaceId: string) => {
const windows = BrowserWindow.getAllWindows();
const mainWindow = windows.find(win => !win.isDestroyed() && win.webContents && win.webContents.getURL().includes('index.html'));
if (!mainWindow) {
throw new Error('Main window not found');
}
// Call the window service to open edit workspace window
await mainWindow.webContents.executeJavaScript(`
(async () => {
await window.service.window.open('editWorkspace', { workspaceID: '${workspaceId}' });
})();
`);
}, workspaceId);
}
// Helper function to get browser view info from Electron window // Helper function to get browser view info from Electron window
async function getBrowserViewInfo( async function getBrowserViewInfo(
app: ElectronApplication, app: ElectronApplication,