OpenSource
/
dify
ウォッチ 4
スター 0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 152 Wiki アクティビティ
ソースを参照

fix: properly escape `collectionName` in query string parameters (#14476)

tags/1.0.0
QuantumGhost 8ヶ月前
ddf9eb1f9a
コミット
002b16e1c6
コミッターのメールアドレスに関連付けられたアカウントが存在しません
3個のファイルの変更28行の追加3行の削除
ユニファイド表示 差分情報を表示
  1. 16
    0
      web/service/_tools_util.spec.ts
  2. 5
    0
      web/service/_tools_util.ts
  3. 7
    3
      web/service/tools.ts

+ 16
- 0
web/service/_tools_util.spec.ts ファイルの表示

import { buildProviderQuery } from './_tools_util'

describe('makeProviderQuery', () => {
test('collectionName without special chars', () => {
expect(buildProviderQuery('ABC')).toBe('provider=ABC')
})
test('should escape &', () => {
expect(buildProviderQuery('ABC&DEF')).toBe('provider=ABC%26DEF')
})
test('should escape /', () => {
expect(buildProviderQuery('ABC/DEF')).toBe('provider=ABC%2FDEF')
})
test('should escape ?', () => {
expect(buildProviderQuery('ABC?DEF')).toBe('provider=ABC%3FDEF')
})
})

+ 5
- 0
web/service/_tools_util.ts ファイルの表示

export const buildProviderQuery = (collectionName: string): string => {
const query = new URLSearchParams()
query.set('provider', collectionName)
return query.toString()
}

+ 7
- 3
web/service/tools.ts ファイルの表示

} from '@/app/components/tools/types' } from '@/app/components/tools/types'
import type { ToolWithProvider } from '@/app/components/workflow/types' import type { ToolWithProvider } from '@/app/components/workflow/types'
import type { Label } from '@/app/components/tools/labels/constant' import type { Label } from '@/app/components/tools/labels/constant'
import { buildProviderQuery } from './_tools_util'


export const fetchCollectionList = () => { export const fetchCollectionList = () => {
return get<Collection[]>('/workspaces/current/tool-providers') return get<Collection[]>('/workspaces/current/tool-providers')
} }


export const fetchCustomToolList = (collectionName: string) => { export const fetchCustomToolList = (collectionName: string) => {
return get<Tool[]>(`/workspaces/current/tool-provider/api/tools?provider=${collectionName}`)
const query = buildProviderQuery(collectionName)
return get<Tool[]>(`/workspaces/current/tool-provider/api/tools?${query}`)
} }


export const fetchModelToolList = (collectionName: string) => { export const fetchModelToolList = (collectionName: string) => {
return get<Tool[]>(`/workspaces/current/tool-provider/model/tools?provider=${collectionName}`)
const query = buildProviderQuery(collectionName)
return get<Tool[]>(`/workspaces/current/tool-provider/model/tools?${query}`)
} }


export const fetchWorkflowToolList = (appID: string) => { export const fetchWorkflowToolList = (appID: string) => {
} }


export const fetchCustomCollection = (collectionName: string) => { export const fetchCustomCollection = (collectionName: string) => {
return get<CustomCollectionBackend>(`/workspaces/current/tool-provider/api/get?provider=${collectionName}`)
const query = buildProviderQuery(collectionName)
return get<CustomCollectionBackend>(`/workspaces/current/tool-provider/api/get?${query}`)
} }


export const createCustomCollection = (collection: CustomCollectionBackend) => { export const createCustomCollection = (collection: CustomCollectionBackend) => {

書き込み プレビュー
読み込み中…
キャンセル
保存