com.backnd.database 0.0.9 → 0.0.10

Files changed (2)
  1. package/Client.cs +47 -5
  2. package/package.json +1 -1
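--- a/package/Client.cs
+++ b/package/Client.cs
@@ -2,6 +2,7 @@ using System;
  using System.Collections.Generic;
  using System.Linq;
  using System.Text;
+ using System.Text.RegularExpressions;
  using System.Threading;
 
  using BACKND.Database.Exceptions;
@@ -19,6 +20,12 @@ namespace BACKND.Database
 
  private readonly Dictionary<Type, bool> createdTables = new Dictionary<Type, bool>();
 
+ // HTTP 헤더 유효성 검사용 정규식 (RFC 7230 준수)
+ // 헤더 키: 토큰 형식 (영문자, 숫자, !#$%&'*+-.^_`|~)
+ private static readonly Regex ValidHeaderKeyRegex = new Regex(@"^[A-Za-z0-9!\#\$%&'\*\+\-\.\^_`\|~]+$", RegexOptions.Compiled);
+ // 헤더 값: ASCII 인쇄 가능 문자만 허용 (32~126)
+ private static readonly Regex ValidHeaderValueRegex = new Regex(@"^[\x20-\x7E]*$", RegexOptions.Compiled);
+
  private readonly Queue<QueuedRequest> requestQueue = new Queue<QueuedRequest>();
  private readonly Queue<QueuedRequest> highPriorityQueue = new Queue<QueuedRequest>();
  private readonly object queueLock = new object();
@@ -28,11 +35,37 @@ namespace BACKND.Database
 
  public Client(string uuid)
  {
- headers["database_uuid"] = uuid;
+ SetHeader("database_uuid", uuid);
 
  this.queueCancellationSource = new CancellationTokenSource();
  }
 
+ private static bool IsValidHeaderKey(string key)
+ {
+ return !string.IsNullOrEmpty(key) && ValidHeaderKeyRegex.IsMatch(key);
+ }
+
+ private static bool IsValidHeaderValue(string value)
+ {
+ return string.IsNullOrEmpty(value) || ValidHeaderValueRegex.IsMatch(value);
+ }
+
+ private bool SetHeader(string key, string value)
+ {
+ if (!IsValidHeaderKey(key))
+ {
+ return false;
+ }
+
+ if (!IsValidHeaderValue(value))
+ {
+ return false;
+ }
+
+ headers[key] = value;
+ return true;
+ }
+
  public async BTask Initialize()
  {
  if (initialized)
@@ -48,15 +81,24 @@ namespace BACKND.Database
  }
 
  var json = Newtonsoft.Json.Linq.JObject.Parse(userInfoResult.ReturnValue);
- headers["x-gamerid"] = json["row"]["gamerId"].ToString();
+ var gamerId = json["row"]["gamerId"]?.ToString();
+ if (!SetHeader("x-gamerid", gamerId))
+ {
+ UnityEngine.Debug.LogError("please check backnd login state - invalid gamerId");
+ return;
+ }
 
  var settings = BackEnd.Backend.GetBackndChatSettings();
  foreach (var header in settings)
  {
- headers[header.Key] = header.Value;
- }
+ if (headers.ContainsKey(header.Key) && !string.IsNullOrEmpty(headers[header.Key]))
+ continue;
 
- //headers["x-gamerid"] = "40a1f3f0-19a1-11f0-9ee9-c1c83fc196eb";
+ if (string.IsNullOrEmpty(header.Value))
+ continue;
+
+ SetHeader(header.Key, header.Value);
+ }
 
  StartQueueProcessing();
 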
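Review bot: Both validation patterns end in `$`, which in .NET also matches just before a final `\n`, so a key or value carrying a trailing line feed passes `IsValidHeaderKey`/`IsValidHeaderValue` and is stored by `SetHeader`; anchoring with `\z` closes this, e.g. `new Regex(@"^[\x20-\x7E]*\z", RegexOptions.Compiled)` for the value and the same change on the key pattern. `IsValidHeaderValue` also accepts null and empty strings, so in `Initialize` a missing or null `gamerId` makes `SetHeader("x-gamerid", gamerId)` return true and the new error branch never runs; writing the condition as `if (string.IsNullOrEmpty(gamerId) || !SetHeader("x-gamerid", gamerId))` would cover that case. The constructor and the settings loop discard `SetHeader`'s result, so a rejected `database_uuid` leaves the client without that header and without any diagnostic; a log line or an `ArgumentException` there would make the failure visible. `Initialize` continues past the last hunk, so how later code treats a missing header is not visible here.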
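--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "com.backnd.database",
- "version": "0.0.9",
+ "version": "0.0.10",
  "displayName": "BACKND Database",
  "description": "BACKND Database is a Unity SDK for seamless integration with BACKND cloud database services.\n\nEasily manage and synchronize game data such as player profiles, game states, and leaderboards across multiple platforms.\nIdeal for Unity developers looking to implement robust database solutions without complex backend setups.",
  "unity": "2021.3",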