Skip to content

Improve kernel API /api/block/insertBlock argument checking #10144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
3 tasks done
IAliceBobI opened this issue Jan 10, 2024 · 0 comments
Closed
3 tasks done

Improve kernel API /api/block/insertBlock argument checking #10144

IAliceBobI opened this issue Jan 10, 2024 · 0 comments
Assignees
@88250
Labels
Development
Milestone
2.12.3

Comments

@IAliceBobI
Copy link

IAliceBobI commented Jan 10, 2024
edited by 88250
Loading

插入markdown的方式可以插入一个无效ID的段落块。

Is there an existing issue for this?

  • I have searched the existing issues

Can the issue be reproduced with the default theme (daylight/midnight)?

  • I was able to reproduce the issue with the default theme

Could the issue be due to extensions?

  • I've ruled out the possibility that the extension is causing the problem.

Describe the problem

"/api/block/insertBlock" 存入的 markdown为:

\n{: id=${NewNodeID()}}

(没加引号,是一个错误。但服务端也没检查。)

页面中出现无效ID的div : data-node-id="0240111004552-jusidl"

<div data-node-id="0240111004552-jusidl" data-node-index="25" data-type="NodeParagraph" class="p"
    updated="0240111004552-">
    <div contenteditable="true" spellcheck="false"></div>
    <div class="protyle-attr" contenteditable="false">​</div>
</div>

export const NewNodeID: () => string = (globalThis as any).Lute.NewNodeID;

Expected result

一个妥善的响应

Screenshot or screen recording presentation

No response

Version environment

- Version: 
- Operating System: 
- Browser (if used):

Log file

None

More information

No response
@88250 88250 changed the title 插入markdown的方式可以插入一个无效ID的段落块。 Improve kernel API /api/block/insertBlock argument checking Jan 11, 2024
@88250 88250 self-assigned this Jan 11, 2024
@88250 88250 added this to the 2.12.3 milestone Jan 11, 2024
@88250 88250 closed this as completed Jan 11, 2024
88250 added a commit that referenced this issue Jan 11, 2024
@88250
🎨 Improve kernel API /api/block/insertBlock argument checking #10144
caf0717
88250 added a commit that referenced this issue Jan 11, 2024
@88250
🎨 Improve kernel API /api/block/insertBlock argument checking #10144
cf3dbef
88250 added a commit that referenced this issue Jan 12, 2024
@88250
🎨 Improve kernel API /api/block/insertBlock argument checking #10144
9db8172
88250 added a commit that referenced this issue Jan 12, 2024
@88250
🎨 Improve kernel API /api/block/insertBlock argument checking #10144
04214ac
EightDoor added a commit to EightDoor/siyuan that referenced this issue Jan 16, 2024
@EightDoor
Merge commit '43d0bb1bfe8dedf6e1b9960256b5e35b0b8fb9e9'
854620d 
* commit '43d0bb1bfe8dedf6e1b9960256b5e35b0b8fb9e9': (76 commits)
  🎨 fix siyuan-note#10159
  🎨 Add some database related internal kernel APIs siyuan-note#10160
  🎨 siyuan-note#10060
  🎨 Improve kernel API `/api/block/insertBlock` argument checking siyuan-note#10144
  🎨 Improve kernel API `/api/block/insertBlock` argument checking siyuan-note#10144
  🎨 fix siyuan-note#10155
  📝 fix siyuan-note#10013
  🎨 fix siyuan-note#10013
  🎨 Improve export CSV
  🐛 Fix av export https://ld246.com/article/1705023091175
  🎨 fix siyuan-note#10091
  🎨 Update kernel API getIDsByHPath siyuan-note#10091
  🎨 Some kernel interface concurrency is no longer controlled to improve performance siyuan-note#10149
  🐛 fix siyuan-note#10155
  🔊 Add logging
  🎨 fix siyuan-note#10118
  🎨 siyuan-note#10153
  🎨 The production environment will no longer register `/debug/pprof/` siyuan-note#10152
  :lipsticks: menu action
  :lipsticks: card
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@88250 88250

Labels
Development
Projects
None yet
Milestone
2.12.3
Development

No branches or pull requests
2 participants
@88250 @IAliceBobI