k1nq/TREK
1
0
Fork 0
mirror of https://github.com/mauriceboe/TREK.git synced 2026-06-19 13:21:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(naver-import): address PR #495 review issues

Browse Source 
- SSRF: validate user-supplied URLs with checkSsrf() before fetch in
  both importNaverList and importGoogleList; upgrade naver.me substring
  check to exact hostname comparison to prevent bypass
- i18n: add missing places.importNaverList key to de.ts and es.ts
- migration: switch Naver addon seed to INSERT OR IGNORE to preserve
  admin customizations on re-runs; restore budget_category_order
  CREATE TABLE to its original formatting
- route: remove redundant cast after type-narrowing guard in naver-list handler
- component: hoist provider ternary above try/catch in handleListImport
- tests: add four new Naver import cases (502, empty list, no-coords,
  canonical URL skipping redirect fetch)
This commit is contained in:
jubnl
2026-04-15 04:48:39 +02:00
parent 4362406e74
commit 9789c51d4f
7 changed files with 125 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client/src/components/Planner/PlacesSidebar.tsx
+1 -2
View File
@@ -86,8 +86,8 @@ const PlacesSidebar = React.memo(function PlacesSidebar({
const handleListImport = async () => {
if (!listImportUrl.trim()) return
setListImportLoading(true)
const provider = listImportProvider === 'naver' && isNaverListImportEnabled ? 'naver' : 'google'
try {
const provider = listImportProvider === 'naver' && isNaverListImportEnabled ? 'naver' : 'google'
const result = provider === 'google'
? await placesApi.importGoogleList(tripId, listImportUrl.trim())
: await placesApi.importNaverList(tripId, listImportUrl.trim())
@@ -105,7 +105,6 @@ const PlacesSidebar = React.memo(function PlacesSidebar({
})
}
} catch (err: any) {
const provider = listImportProvider === 'naver' && isNaverListImportEnabled ? 'naver' : 'google'
toast.error(err?.response?.data?.error || t(provider === 'google' ? 'places.googleListError' : 'places.naverListError'))
} finally {
setListImportLoading(false)
client/src/i18n/translations/de.ts
+1
View File
@@ -899,6 +899,7 @@ const de: Record<string, string | { name: string; category: string }[]> = {
'places.gpxError': 'GPX-Import fehlgeschlagen',
'places.importList': 'Listenimport',
'places.importGoogleList': 'Google Liste',
'places.importNaverList': 'Naver Liste',
'places.googleListHint': 'Geteilten Google Maps Listen-Link einfügen, um alle Orte zu importieren.',
'places.googleListImported': '{count} Orte aus "{list}" importiert',
'places.googleListError': 'Google Maps Liste konnte nicht importiert werden',
client/src/i18n/translations/es.ts
+1
View File
@@ -870,6 +870,7 @@ const es: Record<string, string> = {
'places.gpxError': 'Error al importar GPX',
'places.importList': 'Importar lista',
'places.importGoogleList': 'Lista Google',
'places.importNaverList': 'Lista Naver',
'places.googleListHint': 'Pega un enlace compartido de una lista de Google Maps para importar todos los lugares.',
'places.googleListImported': '{count} lugares importados de "{list}"',
'places.googleListError': 'Error al importar la lista de Google Maps',