From 086132de6671a6f3e51059bbd895b754d9dad6bb Mon Sep 17 00:00:00 2001 From: John McLear Date: Tue, 12 Feb 2013 23:23:44 +0000 Subject: [PATCH 1/7] dont die on bad html but only warn to api logger but dont tell client that it failed cause html was bad --- src/node/utils/ImportHtml.js | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/node/utils/ImportHtml.js b/src/node/utils/ImportHtml.js index 7c638fb8c..6e8ab23a2 100644 --- a/src/node/utils/ImportHtml.js +++ b/src/node/utils/ImportHtml.js @@ -29,7 +29,6 @@ function setPadHTML(pad, html, callback) // by several orders of magnitude. pad.setText(""); var padText = pad.text(); - // Parse the incoming HTML with jsdom var doc = jsdom(html.replace(/>\n+<')); apiLogger.debug('html:'); @@ -38,8 +37,15 @@ function setPadHTML(pad, html, callback) // Convert a dom tree into a list of lines and attribute liens // using the content collector object var cc = contentcollector.makeContentCollector(true, null, pad.pool); - cc.collectContent(doc.childNodes[0]); + try{ // we use a try here because if the HTML is bad it will blow up + cc.collectContent(doc.childNodes[0]); + }catch(e){ + apiLogger.warn("HTML was not properly formed", e); + return; // We don't process the HTML because it was bad.. + } + var result = cc.finish(); + apiLogger.debug('Lines:'); var i; for (i = 0; i < result.lines.length; i += 1) From e152c477c7c9fbc65e6d7da6131011852f60bf34 Mon Sep 17 00:00:00 2001 From: John McLear Date: Tue, 12 Feb 2013 23:38:02 +0000 Subject: [PATCH 2/7] include the callback call, for sanity and stop the pad from being nuked so early in the function --- src/node/db/API.js | 2 +- src/node/utils/ImportHtml.js | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/src/node/db/API.js b/src/node/db/API.js index 07141fec2..5f8189140 100644 --- a/src/node/db/API.js +++ b/src/node/db/API.js @@ -270,7 +270,7 @@ exports.setHTML = function(padID, html, callback) if(ERR(err, callback)) return; // add a new changeset with the new html to the pad - importHtml.setPadHTML(pad, cleanText(html)); + importHtml.setPadHTML(pad, cleanText(html), callback); //update the clients on the pad padMessageHandler.updatePadClients(pad, callback); diff --git a/src/node/utils/ImportHtml.js b/src/node/utils/ImportHtml.js index 6e8ab23a2..686d1c614 100644 --- a/src/node/utils/ImportHtml.js +++ b/src/node/utils/ImportHtml.js @@ -25,10 +25,6 @@ function setPadHTML(pad, html, callback) { var apiLogger = log4js.getLogger("ImportHtml"); - // Clean the pad. This makes the rest of the code easier - // by several orders of magnitude. - pad.setText(""); - var padText = pad.text(); // Parse the incoming HTML with jsdom var doc = jsdom(html.replace(/>\n+<')); apiLogger.debug('html:'); @@ -44,6 +40,8 @@ function setPadHTML(pad, html, callback) return; // We don't process the HTML because it was bad.. } + // console.warn("LUL WUT THE FUCK U DOIN HERE?"); + var result = cc.finish(); apiLogger.debug('Lines:'); @@ -90,6 +88,7 @@ function setPadHTML(pad, html, callback) // the changeset is ready! var theChangeset = builder.toString(); apiLogger.debug('The changeset: ' + theChangeset); + pad.setText(""); pad.appendRevision(theChangeset); } From 9e1dfc9487669884a6be5fe606f8d8259de065f3 Mon Sep 17 00:00:00 2001 From: John McLear Date: Tue, 12 Feb 2013 23:44:09 +0000 Subject: [PATCH 3/7] docs for setHTML --- doc/api/http_api.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/doc/api/http_api.md b/doc/api/http_api.md index 0543ef71a..575b2c980 100644 --- a/doc/api/http_api.md +++ b/doc/api/http_api.md @@ -283,6 +283,16 @@ sets the text of a pad * `{code: 1, message:"padID does not exist", data: null}` * `{code: 1, message:"text too long", data: null}` +#### setHTML(padID, html) + * API >= 1 + +sets the text of a pad based on HTML, HTML must be well formed. Malformed HTML will send a warning to the API log + +*Example returns:* + * `{code: 0, message:"ok", data: null}` + * `{code: 1, message:"padID does not exist", data: null}` + + #### getHTML(padID, [rev]) * API >= 1 From 198110eb4b9f84eac03eb1dd04e3918f20fdad76 Mon Sep 17 00:00:00 2001 From: John McLear Date: Tue, 12 Feb 2013 23:49:43 +0000 Subject: [PATCH 4/7] drunk comments --- src/node/utils/ImportHtml.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/node/utils/ImportHtml.js b/src/node/utils/ImportHtml.js index 686d1c614..9f2fd351a 100644 --- a/src/node/utils/ImportHtml.js +++ b/src/node/utils/ImportHtml.js @@ -40,8 +40,6 @@ function setPadHTML(pad, html, callback) return; // We don't process the HTML because it was bad.. } - // console.warn("LUL WUT THE FUCK U DOIN HERE?"); - var result = cc.finish(); apiLogger.debug('Lines:'); From 7c03bc2610a2d8f0e752bc9796bb460d50166fe9 Mon Sep 17 00:00:00 2001 From: John McLear Date: Thu, 14 Feb 2013 01:13:23 +0000 Subject: [PATCH 5/7] when exporting HTML include html and body --- src/node/db/API.js | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/node/db/API.js b/src/node/db/API.js index 5f8189140..7a9ce41fa 100644 --- a/src/node/db/API.js +++ b/src/node/db/API.js @@ -243,6 +243,8 @@ exports.getHTML = function(padID, rev, callback) exportHtml.getPadHTML(pad, rev, function(err, html) { if(ERR(err, callback)) return; + html = "" +html; // adds HTML head + html += ""; data = {html: html}; callback(null, data); }); @@ -253,9 +255,9 @@ exports.getHTML = function(padID, rev, callback) exportHtml.getPadHTML(pad, undefined, function (err, html) { if(ERR(err, callback)) return; - + html = "" +html; // adds HTML head + html += ""; data = {html: html}; - callback(null, data); }); } From 7dd29454e9ccf69bf3683fd7de9d6d7c1bfbd19d Mon Sep 17 00:00:00 2001 From: Lennart Brinkmann Date: Sat, 14 Dec 2013 19:56:49 +0100 Subject: [PATCH 6/7] Remove duplicate doc entry for setHTML() --- doc/api/http_api.md | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/doc/api/http_api.md b/doc/api/http_api.md index 281cc9759..1ae2ea1c8 100644 --- a/doc/api/http_api.md +++ b/doc/api/http_api.md @@ -285,16 +285,6 @@ sets the text of a pad * `{code: 1, message:"padID does not exist", data: null}` * `{code: 1, message:"text too long", data: null}` -#### setHTML(padID, html) - * API >= 1 - -sets the text of a pad based on HTML, HTML must be well formed. Malformed HTML will send a warning to the API log - -*Example returns:* - * `{code: 0, message:"ok", data: null}` - * `{code: 1, message:"padID does not exist", data: null}` - - #### getHTML(padID, [rev]) * API >= 1 @@ -304,15 +294,14 @@ returns the text of a pad formatted as HTML * `{code: 0, message:"ok", data: {html:"Welcome Text
More Text"}}` * `{code: 1, message:"padID does not exist", data: null}` -#### setHTML(padID, text) +#### setHTML(padID, html) * API >= 1 -sets the html of a pad +sets the text of a pad based on HTML, HTML must be well formed. Malformed HTML will send a warning to the API log. *Example returns:* * `{code: 0, message:"ok", data: null}` * `{code: 1, message:"padID does not exist", data: null}` - * `{code: 1, message:"text too long", data: null}` #### getAttributePool(padID) * API >= 1.2.8 From dd8af99e2e36e759fdc869c82a24a271742e2a5b Mon Sep 17 00:00:00 2001 From: Lennart Brinkmann Date: Sat, 14 Dec 2013 21:14:56 +0100 Subject: [PATCH 7/7] Add input validation for html param in setHTML() --- src/node/db/API.js | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/node/db/API.js b/src/node/db/API.js index 00be19186..98bc8029d 100644 --- a/src/node/db/API.js +++ b/src/node/db/API.js @@ -382,8 +382,23 @@ exports.getHTML = function(padID, rev, callback) }); } +/** +setHTML(padID, html) sets the text of a pad based on HTML + +Example returns: + +{code: 0, message:"ok", data: null} +{code: 1, message:"padID does not exist", data: null} +*/ exports.setHTML = function(padID, html, callback) { + //html is required + if(typeof html != "string") + { + callback(new customError("html is no string","apierror")); + return; + } + //get the pad getPadSafe(padID, true, function(err, pad) {