make eval unable to return sensitive strings
parent
80574888d1
commit
b8c58708f5
3 changed files with 29 additions and 5 deletions
|
@ -1,5 +1,6 @@
|
|||
import { Context } from "../../utils/types";
|
||||
import Command from "../../handler/structures/Command";
|
||||
|
||||
import clean from "../../utils/clean"
|
||||
export = class Eval extends Command {
|
||||
constructor() {
|
||||
super({
|
||||
|
@ -15,16 +16,16 @@ export = class Eval extends Command {
|
|||
})
|
||||
}
|
||||
|
||||
async command(ctx: any) {
|
||||
async command(ctx: Context) {
|
||||
let code = ctx.args.join(" ")
|
||||
try {
|
||||
let evaled = await eval(code)
|
||||
if (typeof evaled != 'string') {
|
||||
evaled = (await import("util")).inspect(evaled, false, 1)
|
||||
}
|
||||
return evaled
|
||||
return ctx.channel.send(`\`\`\`js\n${clean(evaled)}\n\`\`\``)
|
||||
} catch (error) {
|
||||
|
||||
console.error(error)
|
||||
}
|
||||
}
|
||||
}
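Review bot: Passing the result through `clean()` on the `return ctx.channel.send(...)` line in `command` filters only the text echoed back to the channel. The evaluated code still runs with the bot's full privileges and can read `config` or send messages itself, so the redaction guards against accidental disclosure and is not an access control. The options passed to `super({ … })` lie outside these hunks, so whether the command is restricted to the bot owner cannot be confirmed from here. I would record the limit above the `eval` call, e.g. `// clean() only redacts the echoed result; this command must stay owner-only`.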
|
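--- a/src/utils/clean.ts
+++ b/src/utils/clean.ts
@@ -0,0 +1,23 @@
+import config from '../../config'
+import replace from './replace'
+let SensitiveStrings = [
+config.token,
+config.supabase.key,
+config.supabase.url,
+config.apis.sheri,
+config.apis.yiffrest,
+].flat(Infinity)
+
+
+export default function clean(content: any) {
+let type = content
+if (typeof type === 'object') {
+content = JSON.stringify(content)
+}
+let regex = new RegExp(`(${SensitiveStrings.join("|")})`, "gi")
+content = replace(regex, "*snip*", content)
+if (typeof type === 'object') {
+content = JSON.parse(content)
+}
+return content
+}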
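Review bot: The secrets are joined into the pattern on the `new RegExp(...)` line without escaping, so any regex metacharacter in a token, key or URL (`.`, `+`, `?`, `(` and so on) is read as syntax. The pattern can then miss the literal secret, which passes through unredacted, or fail to compile and throw inside `clean`. An unset or empty config entry is a second problem: an empty alternative matches at every position, and `undefined` is joined as the text "undefined". Each entry should be filtered and escaped before joining, and the pattern can be built once at module load rather than on every call. Only literal occurrences are matched, so encoded or split copies of a secret are still not caught.

```typescript
// Match each secret literally: escape regex metacharacters before joining.
const escapeRegExp = (s: string) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")

// … unchanged: the SensitiveStrings array literal and .flat(Infinity) …

const patterns = SensitiveStrings
    .filter((s): s is string => typeof s === "string" && s.length > 0)
    .map(escapeRegExp)
// Built once; null when nothing is configured, so an empty pattern never matches everywhere.
const sensitive = patterns.length > 0 ? new RegExp(`(${patterns.join("|")})`, "gi") : null

export default function clean(content: any) {
    // … unchanged: JSON.stringify for objects …
    if (sensitive) content = replace(sensitive, "*snip*", content)
    // … unchanged: JSON.parse for objects, return content …
}
```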
|
|
@ -1,4 +1,4 @@
|
|||
export default function replace(to_replace: string, replace_with: string, full_string: string) {
|
||||
export default function replace(to_replace: any, replace_with: string, full_string: string) {
|
||||
|
||||
return full_string.replace(to_replace, replace_with)
|
||||
}
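Review bot: Widening `to_replace` to `any` turns off type checking for every caller of `replace`, when the only new input is the `RegExp` built in `clean.ts`. A union keeps the signature checked: `export default function replace(to_replace: string | RegExp, replace_with: string, full_string: string) {`. `full_string` is still declared `string` while `clean()` passes an `any` value, so a non-string argument would only fail at runtime on `.replace`.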
|