heartles/egirlskey
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Fix search-by-tag (#7531)

Browse source 
* Fix search-by-tag

* Revert "Fix search-by-tag"

This reverts commit c971d1d5d82f2d8b58fdec76e42f4404339ab83a.

* Fix typo

* Remove unused var

* インジェクションは[]を返すように
This commit is contained in:
MeiMei 2021-05-23 18:57:12 +09:00 committed by GitHub
parent 7063a6925f
commit 47aaf04481
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/server/api/endpoints/notes/search-by-tag.ts
View file

@ -104,23 +104,26 @@ export default define(meta, async (ps, me) => {
generateVisibilityQuery(query, me);
if (me) generateMutedUserQuery(query, me);
try {
if (ps.tag) {
if (!safeForSql(ps.tag)) return;
if (!safeForSql(ps.tag)) throw 'Injection';
query.andWhere(`'{"${normalizeForSearch(ps.tag)}"}' <@ note.tags`);
} else {
let i = 0;
query.andWhere(new Brackets(qb => {
for (const tags of ps.query!) {
qb.orWhere(new Brackets(qb => {
for (const tag of tags) {
if (!safeForSql(tag)) return;
qb.andWhere(`'{"${normalizeForSearch(ps.tag)}"}' <@ note.tags`);
i++;
if (!safeForSql(tag)) throw 'Injection';
qb.andWhere(`'{"${normalizeForSearch(tag)}"}' <@ note.tags`);
}
}));
}
}));
}
} catch (e) {
if (e === 'Injection') return [];
throw e;
}
if (ps.reply != null) {
if (ps.reply) {