mirror of
https://github.com/directus/directus.git
synced 2026-02-02 03:45:07 -05:00
App: encode primary key (#5143)
* app: encode primary key Since primary keys could be manually entered strings, we should encode those in order to prevent accessing inexistent routes. E.g. Document with primary key: 'clients/John Doe' * fixup! app: encode primary key Since primary keys could be manually entered strings, we should encode those in order to prevent accessing inexistent routes. E.g. Document with primary key: 'clients/John Doe' Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
This commit is contained in:
José Varela
@@ -43,7 +43,7 @@ export function useItem(collection: Ref<string>, primaryKey: Ref<string | number
|
||||
return endpoint.value;
|
||||
}
|
||||
|
||||
return `${endpoint.value}/${primaryKey.value}`;
|
||||
return `${endpoint.value}/${encodeURIComponent(primaryKey.value as string)}`;
|
||||
});
|
||||
|
||||
watch([collection, primaryKey], refresh, { immediate: true });
|
||||
|
||||
@@ -25,7 +25,7 @@ export default function useTemplateData(collection: ComputedRef<Collection | und
|
||||
|
||||
const endpoint = collection.value.collection.startsWith('directus_')
|
||||
? `/${collection.value.collection.substring(9)}/${primaryKey.value}`
|
||||
: `/items/${collection.value.collection}/${primaryKey.value}`;
|
||||
: `/items/${collection.value.collection}/${encodeURIComponent(primaryKey.value)}`;
|
||||
|
||||
try {
|
||||
const result = await api.get(endpoint, {
|
||||
|
||||
@@ -76,7 +76,7 @@ export default defineComponent({
|
||||
if (!relatedCollection.value || !primaryKeyField.value) return null;
|
||||
const primaryKey = item[primaryKeyField.value.field];
|
||||
|
||||
return `/collections/${relatedCollection.value}/${primaryKey}`;
|
||||
return `/collections/${relatedCollection.value}/${encodeURIComponent(primaryKey)}`;
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
@@ -234,7 +234,7 @@ export default defineComponent({
|
||||
try {
|
||||
const endpoint = relatedCollection.value.collection.startsWith('directus_')
|
||||
? `/${relatedCollection.value.collection.substring(9)}/${props.value}`
|
||||
: `/items/${relatedCollection.value.collection}/${props.value}`;
|
||||
: `/items/${relatedCollection.value.collection}/${encodeURIComponent(props.value)}`;
|
||||
|
||||
const response = await api.get(endpoint, {
|
||||
params: {
|
||||
|
||||
@@ -149,7 +149,7 @@ export default defineComponent({
|
||||
loading.value = true;
|
||||
|
||||
try {
|
||||
const response = await api.get(`/items/${props.collection}/${props.primaryKey}`, {
|
||||
const response = await api.get(`/items/${props.collection}/${encodeURIComponent(props.primaryKey)}`, {
|
||||
params: {
|
||||
fields: getFieldsToFetch(),
|
||||
},
|
||||
|
||||
@@ -450,7 +450,7 @@ export default defineComponent({
|
||||
|
||||
function getLinkForItem(item: Record<string, any>) {
|
||||
if (!primaryKeyField.value) return;
|
||||
return `/collections/${props.collection}/${item[primaryKeyField.value!.field]}`;
|
||||
return `/collections/${props.collection}/${encodeURIComponent(item[primaryKeyField.value!.field])}`;
|
||||
}
|
||||
|
||||
function selectAll() {
|
||||
|
||||
@@ -537,7 +537,7 @@ export default defineComponent({
|
||||
const primaryKey = item[primaryKeyField.value!.field];
|
||||
|
||||
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
||||
router.push(`/collections/${collection.value}/${primaryKey}`, () => {});
|
||||
router.push(`/collections/${collection.value}/${encodeURIComponent(primaryKey)}`, () => {});
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -87,7 +87,7 @@ export default defineComponent({
|
||||
const openItemLink = computed(() => {
|
||||
if (!item || !item.value) return;
|
||||
|
||||
return `/collections/${item.value.collection}/${item.value.item}`;
|
||||
return `/collections/${item.value.collection}/${encodeURIComponent(item.value.item)}`;
|
||||
});
|
||||
|
||||
watch(() => props.primaryKey, loadActivity, { immediate: true });
|
||||
|
||||
@@ -435,7 +435,7 @@ export default defineComponent({
|
||||
if (props.primaryKey === '+') {
|
||||
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
||||
const newPrimaryKey = savedItem[primaryKeyField.value!.field];
|
||||
router.replace(`/collections/${props.collection}/${newPrimaryKey}`);
|
||||
router.replace(`/collections/${props.collection}/${encodeURIComponent(newPrimaryKey)}`);
|
||||
}
|
||||
} catch {
|
||||
// Save shows unexpected error dialog
|
||||
@@ -461,7 +461,7 @@ export default defineComponent({
|
||||
async function saveAsCopyAndNavigate() {
|
||||
try {
|
||||
const newPrimaryKey = await saveAsCopy();
|
||||
if (newPrimaryKey) router.push(`/collections/${props.collection}/${newPrimaryKey}`);
|
||||
if (newPrimaryKey) router.push(`/collections/${props.collection}/${encodeURIComponent(newPrimaryKey)}`);
|
||||
} catch {
|
||||
// Save shows unexpected error dialog
|
||||
}
|
||||
|
||||
@@ -238,7 +238,7 @@ export default defineComponent({
|
||||
|
||||
const endpoint = props.collection.startsWith('directus_')
|
||||
? `/${props.collection.substring(9)}/${props.primaryKey}`
|
||||
: `/items/${props.collection}/${props.primaryKey}`;
|
||||
: `/items/${props.collection}/${encodeURIComponent(props.primaryKey)}`;
|
||||
|
||||
let fields = '*';
|
||||
|
||||
@@ -264,7 +264,7 @@ export default defineComponent({
|
||||
|
||||
const endpoint = collection.startsWith('directus_')
|
||||
? `/${collection.substring(9)}/${props.relatedPrimaryKey}`
|
||||
: `/items/${collection}/${props.relatedPrimaryKey}`;
|
||||
: `/items/${collection}/${encodeURIComponent(props.relatedPrimaryKey)}`;
|
||||
|
||||
try {
|
||||
const response = await api.get(endpoint);
|
||||
|
||||
Reference in New Issue
Block a user