Home Explore Help
Sign In
wiki
/
weseek__growi
mirror of https://github.com/weseek/growi
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

fix #3582: isCreatableName

Yuki Takei 5 years ago
parent
57729dedca
commit
13e1534935
2 changed files with 8 additions and 0 deletions
Unified View Show Diff Stats
  1. 2 0
      src/server/models/page.js
  2. 6 0
      src/test/models/page.test.js

+ 2 - 0
src/server/models/page.js
View File 

@@ -533,6 +533,8 @@ module.exports = function(crowi) {
 
       /\s+\/\s+/, // avoid miss in renaming
 
       /\s+\/\s+/, // avoid miss in renaming
 
       /.+\/edit$/,
 
       /.+\/edit$/,
 
       /.+\.md$/,
 
       /.+\.md$/,
 
+      /^(\.\.)$/, // see: https://github.com/weseek/growi/issues/3582
 
+      /(\/\.\.)\/?/, // see: https://github.com/weseek/growi/issues/3582
 
       /^\/(installer|register|login|logout|admin|me|files|trash|paste|comments|tags|share)(\/.*|$)/,
 
       /^\/(installer|register|login|logout|admin|me|files|trash|paste|comments|tags|share)(\/.*|$)/,
 
     ];
 
     ];

+ 6 - 0
src/test/models/page.test.js
View File 

@@ -193,6 +193,12 @@ describe('Page', () => {
 
 
 
       expect(Page.isCreatableName('/hoge/xx.md')).toBeFalsy();
 
       expect(Page.isCreatableName('/hoge/xx.md')).toBeFalsy();
 
 
 
+      // relative path
 
+      expect(Page.isCreatableName('/..')).toBeFalsy();
 
+      expect(Page.isCreatableName('/../page')).toBeFalsy();
 
+      expect(Page.isCreatableName('/page/..')).toBeFalsy();
 
+      expect(Page.isCreatableName('/page/../page')).toBeFalsy();
 
+
 
       // start with https?
 
       // start with https?
 
       expect(Page.isCreatableName('/http://demo.growi.org/hoge')).toBeFalsy();
 
       expect(Page.isCreatableName('/http://demo.growi.org/hoge')).toBeFalsy();
 
       expect(Page.isCreatableName('/https://demo.growi.org/hoge')).toBeFalsy();
 
       expect(Page.isCreatableName('/https://demo.growi.org/hoge')).toBeFalsy();