api: sanitize string before saving into db (#1701)

This commit is contained in:
Huang Xin
2025-07-29 00:44:26 +08:00
committed by GitHub
parent 33b2ba1609
commit 9bc1494582
2 changed files with 9 additions and 4 deletions
+4
View File
@@ -0,0 +1,4 @@
export const sanitizeString = (str?: string) => {
if (!str) return str;
return str.replace(/\u0000/g, '');
};
+5 -4
View File
@@ -8,6 +8,7 @@ import {
HighlightStyle,
} from '@/types/book';
import { DBBookConfig, DBBook, DBBookNote } from '@/types/records';
import { sanitizeString } from './sanitize';
export const transformBookConfigToDB = (bookConfig: unknown, userId: string): DBBookConfig => {
const { bookHash, progress, location, searchConfig, viewSettings, updatedAt } =
@@ -58,14 +59,14 @@ export const transformBookToDB = (book: unknown, userId: string): DBBook => {
user_id: userId,
book_hash: hash,
format,
title,
title: sanitizeString(title)!,
author,
group_id: groupId,
group_name: groupName,
tags: tags,
progress: progress,
source_title: sourceTitle,
metadata: metadata ? JSON.stringify(metadata) : null,
source_title: sanitizeString(sourceTitle),
metadata: metadata ? sanitizeString(JSON.stringify(metadata)) : null,
created_at: new Date(createdAt ?? Date.now()).toISOString(),
updated_at: new Date(updatedAt ?? Date.now()).toISOString(),
deleted_at: deletedAt ? new Date(deletedAt).toISOString() : null,
@@ -119,7 +120,7 @@ export const transformBookNoteToDB = (bookNote: unknown, userId: string): DBBook
id,
type,
cfi,
text,
text: sanitizeString(text),
style,
color,
note,