@gallop.software/studio 2.3.140 → 2.3.141
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server/index.js +4 -30
- package/dist/server/index.js.map +1 -1
- package/package.json +1 -1
package/dist/server/index.js
CHANGED
|
@@ -4580,30 +4580,11 @@ async function handleFontsList(request) {
|
|
|
4580
4580
|
const requestedPath = searchParams.get("path") || "_fonts";
|
|
4581
4581
|
try {
|
|
4582
4582
|
const items = [];
|
|
4583
|
-
|
|
4584
|
-
let allowedPaths = ["_fonts", "src/fonts", "src"];
|
|
4585
|
-
const isAllowed = allowedPaths.some(
|
|
4586
|
-
(allowed) => requestedPath === allowed || requestedPath.startsWith(allowed + "/")
|
|
4587
|
-
);
|
|
4583
|
+
const isAllowed = requestedPath === "_fonts" || requestedPath.startsWith("_fonts/");
|
|
4588
4584
|
if (!isAllowed) {
|
|
4589
4585
|
return jsonResponse({ items: [], error: "Path not allowed" }, { status: 400 });
|
|
4590
4586
|
}
|
|
4591
|
-
|
|
4592
|
-
const fontsFolderPath = getWorkspacePath("src", "fonts");
|
|
4593
|
-
try {
|
|
4594
|
-
const stat = await fs12.stat(fontsFolderPath);
|
|
4595
|
-
if (stat.isDirectory()) {
|
|
4596
|
-
items.push({
|
|
4597
|
-
name: "fonts",
|
|
4598
|
-
path: "src/fonts",
|
|
4599
|
-
type: "folder"
|
|
4600
|
-
});
|
|
4601
|
-
}
|
|
4602
|
-
} catch {
|
|
4603
|
-
}
|
|
4604
|
-
return jsonResponse({ items, canCreate: true });
|
|
4605
|
-
}
|
|
4606
|
-
fsPath = getWorkspacePath(requestedPath);
|
|
4587
|
+
const fsPath = getWorkspacePath(requestedPath);
|
|
4607
4588
|
try {
|
|
4608
4589
|
const stat = await fs12.stat(fsPath);
|
|
4609
4590
|
if (!stat.isDirectory()) {
|
|
@@ -4695,10 +4676,7 @@ async function handleFontsCreateFolder(request) {
|
|
|
4695
4676
|
if (!targetPath || !name) {
|
|
4696
4677
|
return jsonResponse({ error: "Path and name are required" }, { status: 400 });
|
|
4697
4678
|
}
|
|
4698
|
-
const
|
|
4699
|
-
const isAllowed = allowedPaths.some(
|
|
4700
|
-
(allowed) => targetPath === allowed || targetPath.startsWith(allowed + "/")
|
|
4701
|
-
);
|
|
4679
|
+
const isAllowed = targetPath === "_fonts" || targetPath.startsWith("_fonts/");
|
|
4702
4680
|
if (!isAllowed) {
|
|
4703
4681
|
return jsonResponse({ error: "Path not allowed" }, { status: 400 });
|
|
4704
4682
|
}
|
|
@@ -4719,12 +4697,8 @@ async function handleFontsDelete(request) {
|
|
|
4719
4697
|
if (!paths || !Array.isArray(paths) || paths.length === 0) {
|
|
4720
4698
|
return jsonResponse({ error: "Paths are required" }, { status: 400 });
|
|
4721
4699
|
}
|
|
4722
|
-
const allowedPaths = ["_fonts", "src/fonts"];
|
|
4723
4700
|
for (const p of paths) {
|
|
4724
|
-
|
|
4725
|
-
(allowed) => p.startsWith(allowed + "/")
|
|
4726
|
-
);
|
|
4727
|
-
if (!isAllowed) {
|
|
4701
|
+
if (!p.startsWith("_fonts/")) {
|
|
4728
4702
|
return jsonResponse({ error: `Path not allowed: ${p}` }, { status: 400 });
|
|
4729
4703
|
}
|
|
4730
4704
|
}
|