
fix: CodeQl Alert (https://github.com/weseek/growi/security/code-scanning/814)

Shun Miyazawa 7 mesi fa
parent
commit
363485e6a6
1 ha cambiato i file con 2 aggiunte e 2 eliminazioni
  1. 2 2
      apps/app/src/server/routes/apiv3/attachment.js

+ 2 - 2
apps/app/src/server/routes/apiv3/attachment.js

@@ -1,3 +1,4 @@
+import { SCOPE } from '@growi/core/dist/interfaces';
 import { ErrorV3 } from '@growi/core/dist/models';
 import { serializeUserSecurely } from '@growi/core/dist/models/serializers';
 import express from 'express';
@@ -5,7 +6,6 @@ import multer from 'multer';
 import autoReap from 'multer-autoreap';
 
 import { SupportedAction } from '~/interfaces/activity';
-import { SCOPE } from '@growi/core/dist/interfaces';
 import { AttachmentType } from '~/server/interfaces/attachment';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { Attachment } from '~/server/models/attachment';
@@ -158,7 +158,7 @@ module.exports = (crowi) => {
       query('fileSize').isNumeric().exists({ checkNull: true }).withMessage('fileSize is required'),
     ],
     retrieveAddAttachment: [
-      body('page_id').isString().exists({ checkNull: true }).withMessage('page_id is required'),
+      body('page_id').isMongoId().exists({ checkNull: true }).withMessage('page_id is required'),
     ],
   };
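Review bot: The `.withMessage('page_id is required')` on the new `retrieveAddAttachment` line binds only to `.exists()`, the validator immediately before it, so a present but malformed `page_id` that fails `isMongoId()` is rejected with express-validator's generic message instead of one that names the expected format. Putting the presence check first and giving each validator its own message makes rejections easier to diagnose: `body('page_id').exists({ checkNull: true }).withMessage('page_id is required').isMongoId().withMessage('page_id must be a valid ObjectId'),`. The stricter check only protects the downstream lookup if the route enforces the validation result before the handler reads `req.body.page_id`. That middleware wiring and the start of the validator object are outside this hunk, so it is worth confirming there.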