Signal/Desktop
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Desktop.git synced 2026-05-08 08:58:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

When checking files, handle trailing whitespace

Browse Source
This commit is contained in:
Scott Nonnenberg
2025-12-20 03:59:31 +10:00
committed by GitHub
parent b65b08c02f
commit f6bc8078a5
2 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ts/test-node/util/isFileDangerous_test.std.ts
+16 -2
View File
@@ -25,16 +25,30 @@ describe('isFileDangerous', () => {
assert.strictEqual(isFileDangerous('downl.SettingContent-ms'), true);
});
it('returns false for non-dangerous files that end in ".", which can happen on Windows', () => {
it('returns false for non-dangerous files that end in "."', () => {
assert.strictEqual(isFileDangerous('dog.png.'), false);
assert.strictEqual(isFileDangerous('resume.docx.'), false);
});
it('returns true for dangerous files that end in ".", which can happen on Windows', () => {
it('returns true for dangerous files that end in "."', () => {
assert.strictEqual(isFileDangerous('run.exe.'), true);
assert.strictEqual(isFileDangerous('install.pif.'), true);
});
it('returns false for non-dangerous files that end in whitespace', () => {
assert.strictEqual(isFileDangerous('dog.png '), false);
assert.strictEqual(isFileDangerous('resume.docx '), false);
assert.strictEqual(isFileDangerous('resume.docx\t\n '), false);
assert.strictEqual(isFileDangerous('resume.docx\t\n\n\n '), false);
});
it('returns true for dangerous files that end in whitespace', () => {
assert.strictEqual(isFileDangerous('run.exe '), true);
assert.strictEqual(isFileDangerous('install.pif '), true);
assert.strictEqual(isFileDangerous('install.pif\t\n '), true);
assert.strictEqual(isFileDangerous('install.pif\t\n\n\n '), true);
});
it('returns false for empty filename', () => {
assert.strictEqual(isFileDangerous(''), false);
});
ts/util/isFileDangerous.std.ts
+1 -1
View File
@@ -2,7 +2,7 @@
// SPDX-License-Identifier: AGPL-3.0-only
const DANGEROUS_FILE_TYPES =
/\.(ADE|ADP|APK|BAT|CAB|CHM|CMD|COM|CPL|DIAGCAB|DLL|DMG|EXE|HTA|INF|INS|ISP|JAR|JS|JSE|LIB|LNK|MDE|MHT|MSC|MSI|MSP|MST|NSH|PIF|PS1|PSC1|PSM1|PSRC|REG|SCR|SCT|SETTINGCONTENT-MS|SHB|SYS|VB|VBE|VBS|VXD|WSC|WSF|WSH)\.?$/i;
/\.(ADE|ADP|APK|BAT|CAB|CHM|CMD|COM|CPL|DIAGCAB|DLL|DMG|EXE|HTA|INF|INS|ISP|JAR|JS|JSE|LIB|LNK|MDE|MHT|MSC|MSI|MSP|MST|NSH|PIF|PS1|PSC1|PSM1|PSRC|REG|SCR|SCT|SETTINGCONTENT-MS|SHB|SYS|VB|VBE|VBS|VXD|WSC|WSF|WSH)(\.|\s+)?$/i;
export function isFileDangerous(fileName: string): boolean {
return DANGEROUS_FILE_TYPES.test(fileName);