fix(kml-import): address PR #488 review issues

- Strip BOM (U+FEFF) from 14 translation files injected by editor - Guard KMZ unpack against zip-bomb: check entry.uncompressedSize against 50 MB cap (KMZ_DECOMPRESSED_SIZE_LIMIT) before calling .buffer(); limit is an exported constant so tests can override it - Fix non-BMP HTML entity decoding: replace String.fromCharCode with String.fromCodePoint + 0x10FFFF bounds check so emoji like 😀 round-trip correctly - Switch KML namespace stripping from regex to fast-xml-parser's removeNSPrefix option; XMLValidator accepts namespaced XML natively, making the pre-strip step unnecessary - Remove dead skippedCount overwrite after transaction; per-loop increment already tracks it alongside per-item error messages - Type multer req.file as Express.Multer.File on both /import/gpx and /import/map routes instead of (req as any).file - Add unit tests: emoji entity decoding (decimal + hex), KMZ zip-bomb rejection, KMZ-with-no-KML rejection
2026-06-19 13:21:46 +00:00 · 2026-04-15 05:16:47 +02:00
parent a1a7795945
commit 801ffbfb7b
19 changed files with 103 additions and 41 deletions
@@ -1,4 +1,4 @@
-import en from './en'
+import en from './en'

 const ar: Record<string, string | { name: string; category: string }[]> = {
  ...en,
@@ -1,4 +1,4 @@
-const br: Record<string, string | { name: string; category: string }[]> = {
+const br: Record<string, string | { name: string; category: string }[]> = {
  // Common
  'common.save': 'Salvar',
  'common.showMore': 'Mostrar mais',
@@ -1,4 +1,4 @@
-const cs: Record<string, string | { name: string; category: string }[]> = {
+const cs: Record<string, string | { name: string; category: string }[]> = {
  // Společné (Common)
  'common.save': 'Uložit',
  'common.showMore': 'Zobrazit více',
@@ -1,4 +1,4 @@
-const de: Record<string, string | { name: string; category: string }[]> = {
+const de: Record<string, string | { name: string; category: string }[]> = {
  // Allgemein
  'common.save': 'Speichern',
  'common.showMore': 'Mehr anzeigen',
@@ -1,4 +1,4 @@
-const en: Record<string, string | { name: string; category: string }[]> = {
+const en: Record<string, string | { name: string; category: string }[]> = {
  // Common
  'common.save': 'Save',
  'common.showMore': 'Show more',
@@ -1,4 +1,4 @@
-const es: Record<string, string> = {
+const es: Record<string, string> = {
  // Common
  'common.save': 'Guardar',
  'common.showMore': 'Ver más',
@@ -1,4 +1,4 @@
-const fr: Record<string, string> = {
+const fr: Record<string, string> = {
  // Common
  'common.save': 'Enregistrer',
  'common.showMore': 'Voir plus',
@@ -1,4 +1,4 @@
-const hu: Record<string, string | { name: string; category: string }[]> = {
+const hu: Record<string, string | { name: string; category: string }[]> = {
  // Általános
  'common.save': 'Mentés',
  'common.showMore': 'Továbbiak',
@@ -1,4 +1,4 @@
-const it: Record<string, string | { name: string; category: string }[]> = {
+const it: Record<string, string | { name: string; category: string }[]> = {
  // Common
  'common.save': 'Salva',
  'common.showMore': 'Mostra di più',
@@ -1,4 +1,4 @@
-const nl: Record<string, string> = {
+const nl: Record<string, string> = {
  // Common
  'common.save': 'Opslaan',
  'common.showMore': 'Meer tonen',
@@ -1,4 +1,4 @@
-const pl: Record<string, string | { name: string; category: string }[]> = {
+const pl: Record<string, string | { name: string; category: string }[]> = {
  // Common
  'common.save': 'Zapisz',
  'common.showMore': 'Pokaż więcej',
@@ -1,4 +1,4 @@
-const ru: Record<string, string> = {
+const ru: Record<string, string> = {
  // Common
  'common.save': 'Сохранить',
  'common.showMore': 'Показать больше',
@@ -1,4 +1,4 @@
-const zh: Record<string, string> = {
+const zh: Record<string, string> = {
  // Common
  'common.save': '保存',
  'common.showMore': '显示更多',
@@ -1,4 +1,4 @@
-const zhTw: Record<string, string> = {
+const zhTw: Record<string, string> = {
  // Common
  'common.save': '儲存',
  'common.showMore': '顯示更多',