IntenseWebs/pgadmin4
3
0
Fork 0
mirror of https://github.com/pgadmin-org/pgadmin4.git synced 2025-02-25 18:55:31 -06:00
Code Issues Packages Projects Releases Wiki Activity

Added the ability to detect and warn users about bidirectional Unicode characters. Fixes #7002

Browse Source
This commit is contained in:
Akshay Joshi
2022-05-23 16:04:21 +05:30
parent 50b1ba5c80
commit 4f7bcc2919
7 changed files with 309 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
web/pgadmin/static/js/components/CodeMirror.jsx
View File

@@ -26,6 +26,7 @@ import SwapCallsRoundedIcon from '@material-ui/icons/SwapCallsRounded';
import _ from 'lodash';
import { RegexIcon, FormatCaseIcon } from './ExternalIcon';
import { isMac } from '../keyboard_shortcuts';
import { checkTrojanSource } from '../utils';
const useStyles = makeStyles((theme)=>({
root: {
@@ -323,6 +324,11 @@ function calcFontSize(fontSize) {
return '1em';
}
function handlePaste(editor, e) {
let copiedText = e.clipboardData.getData('text');
checkTrojanSource(copiedText, true);
}
/* React wrapper for CodeMirror */
export default function CodeMirror({currEditor, name, value, options, events, readonly, disabled, className, autocomplete=false}) {
const taRef = useRef();
@@ -429,6 +435,7 @@ export default function CodeMirror({currEditor, name, value, options, events, re
editor.current.on(eventName, events[eventName]);
});
editor.current.on('drop', handleDrop);
editor.current.on('paste', handlePaste);
initPreferences();
return ()=>{
editor.current?.toTextArea();

12
web/pgadmin/static/js/utils.js
View File

@@ -12,6 +12,7 @@ import $ from 'jquery';
import gettext from 'sources/gettext';
import 'wcdocker';
import Notify from './helpers/Notifier';
import { hasTrojanSource } from 'anti-trojan-source';
var wcDocker = window.wcDocker;
@@ -468,3 +469,14 @@ export function getBrowser() {
version: M[1],
};
}
export function checkTrojanSource(content, isPasteEvent) {
// Call the hasTrojanSource function of 'anti-trojan-source' package
if (hasTrojanSource({ sourceText: content})) {
let msg = gettext('The file opened contains bidirectional Unicode characters which could be interpreted differently than what is displayed. If this is unexpected it is recommended that you review the text in an application that can display hidden Unicode characters before proceeding.');
if (isPasteEvent) {
msg = gettext('The pasted text contains bidirectional Unicode characters which could be interpreted differently than what is displayed. If this is unexpected it is recommended that you review the text in an application that can display hidden Unicode characters before proceeding.');
}
Notify.alert(gettext('Trojan Source Warning'), msg);
}
}

3
web/pgadmin/tools/sqleditor/static/js/components/sections/Query.jsx
View File

@@ -18,6 +18,7 @@ import gettext from 'sources/gettext';
import OrigCodeMirror from 'bundled_codemirror';
import Notifier from '../../../../../../static/js/helpers/Notifier';
import { isMac } from '../../../../../../static/js/keyboard_shortcuts';
import { checkTrojanSource } from '../../../../../../static/js/utils';
const useStyles = makeStyles(()=>({
sql: {
@@ -277,6 +278,8 @@ export default function Query() {
'file_name': decodeURI(fileName),
}).then((res)=>{
editor.current.setValue(res.data);
//Check the file content for Trojan Source
checkTrojanSource(res.data);
lastSavedText.current = res.data;
eventBus.fireEvent(QUERY_TOOL_EVENTS.LOAD_FILE_DONE, fileName, true);
eventBus.fireEvent(QUERY_TOOL_EVENTS.QUERY_CHANGED, isDirty());