Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(editor): Sanitize HTML binary-data before rendering in the UI #7400

Merged
merged 2 commits into from
Oct 11, 2023
Merged

fix(editor): Sanitize HTML binary-data before rendering in the UI #7400

merged 2 commits into from
Oct 11, 2023
+31 −21

Conversation

netroy
Copy link
Member

@netroy netroy commented Oct 11, 2023

No description provided.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 11, 2023
edited
Loading

Great PR! Please pay attention to the following items before merging:

Files matching packages/**:

  • If fixing bug, added test to cover scenario.
  • If addressing forum or Github issue, added link to description.

Files matching packages/**/*.ts:

  • Added unit tests to cover new or updated functionality.

Files matching **/*.vue:

  • Used composition API for all new components.
  • Added component or unit tests to cover functionality.

Files matching packages/editor-ui/**/*.vue:

  • Added E2E if adding new features.
  • Used design system tokens (colors, spacings...) where possible.

Files matching packages/nodes-base/nodes/**:

  • Added workflow tests for nodes if possible.

Make sure to check off this list before asking for review.

@n8n-assistant n8n-assistant bot added core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team ui Enhancement in /editor-ui or /design-system labels Oct 11, 2023
mutdmour
mutdmour previously approved these changes Oct 11, 2023
View reviewed changes
Copy link
Contributor

@mutdmour mutdmour left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for the fix.

@cypress
Copy link

cypress bot commented Oct 11, 2023

Passing run #2466 ↗︎

0 251 0 0 Flakiness 0

Details:

🌳 view-html-rundata 🖥️ browsers:node18.12.0-chrome107 🤖 netroy 🗃️ e2e/*
Project: n8n Commit: 60798e5616
Status: Passed Duration: 08:42 💡
Started: Oct 11, 2023 9:52 AM Ended: Oct 11, 2023 10:01 AM

Review all test suite changes for PR #7400 ↗︎

@github-actions
Copy link
Contributor

✅ All Cypress E2E specs passed

@codecov
Copy link

codecov bot commented Oct 11, 2023

Codecov Report

Attention: 11 lines in your changes are missing coverage. Please review.

Comparison is base (53c3379) 33.48% compared to head (60798e5) 33.50%.
Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7400      +/-   ##
==========================================
+ Coverage   33.48%   33.50%   +0.02%     
==========================================
  Files        3389     3389              
  Lines      207014   207020       +6     
  Branches    22336    22338       +2     
==========================================
+ Hits        69314    69366      +52     
+ Misses     136579   136533      -46     
  Partials     1121     1121
Files Coverage Δ
packages/workflow/src/Interfaces.ts 77.77% <ø> (ø)
packages/workflow/src/utils.ts 65.16% <100.00%> (+0.39%) ⬆️
packages/editor-ui/src/components/RunData.vue 60.11% <75.00%> (+0.04%) ⬆️
packages/editor-ui/src/components/RunDataHtml.vue 95.34% <80.00%> (+95.34%) ⬆️
...ditor-ui/src/components/BinaryDataDisplayEmbed.vue 67.27% <35.71%> (-0.35%) ⬇️

... and 2 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@netroy netroy merged commit 2b075bf into master Oct 11, 2023
55 checks passed
@netroy netroy deleted the view-html-rundata branch October 11, 2023 10:09
@github-actions github-actions bot mentioned this pull request Oct 11, 2023
Merged
netroy added a commit that referenced this pull request Oct 11, 2023
@github-actions @netroy
🚀 Release 1.11.0 (#7402)
e6ba841 
# [1.11.0](https://github.com/n8n-io/n8n/compare/n8n@1.10.0...n8n@1.11.0)
(2023-10-11)


### Bug Fixes

* **core:** Add an option to enable postgres ssl with default certs
([#6889](#6889))
([789e1e7](789e1e7))
* **core:** Fix error on missing paired item data
([#7399](#7399))
([47e8953](47e8953))
* **core:** Missing pairing info
([#7326](#7326))
([e2c3c7a](e2c3c7a))
* **core:** Prevent object deletion request on no prefix match
([#7366](#7366))
([63e11e4](63e11e4))
* **editor:** Fix completions for `.json` on quoted node name in Code
node ([#7382](#7382))
([86e7ec7](86e7ec7))
* **editor:** Implement canvas zoom UX improvements
([#7376](#7376))
([7e06b31](7e06b31))
* **editor:** Make workflow history button available only for dev builds
([#7392](#7392))
([7ed466d](7ed466d))
* **editor:** Remove excess margin below run data editor
([#7372](#7372))
([3fa2764](3fa2764))
* **editor:** Sanitize HTML binary-data before rendering in the UI
([#7400](#7400))
([2b075bf](2b075bf))
* **editor:** Use display option's @Version specifier
([#7351](#7351))
([afbf0c3](afbf0c3))
* **Google BigQuery Node:** Location default to jobReference
([#7354](#7354))
([97bb703](97bb703))
* **Google Drive Trigger Node:** Add Shared Drives support
([#7369](#7369))
([3e7a4d3](3e7a4d3))
* **Google Sheets Node:** Fix "Maximum call stack size exceeded" error
on too many rows ([#7384](#7384))
([732b15a](732b15a))
* **HTML Node:** Update property fields to not use expressions on drag
([#7379](#7379))
([77643e5](77643e5))
* **Notion Node:** Handle empty values correctly for Notion selects +
multi selects ([#7383](#7383))
([fbcd1d4](fbcd1d4))
* **Set Node:** Increase search priority
([#7358](#7358))
([e5ad1e7](e5ad1e7))
* **Webhook Node:** Backward compatible form-data parsing for non-array
files ([#7385](#7385))
([6479eb1](6479eb1))


### Features

* **core:** Add Job Summary to Worker response
([#7360](#7360))
([b8608ce](b8608ce))
* **core:** Integrate object store as binary data manager
([#7253](#7253))
([1a661e6](1a661e6))
* **core:** Switch binary filesystem mode to nested path structure
([#7307](#7307))
([0847623](0847623))
* **editor:** Make PDF and Audio binary-data viewable in the UI
([#7367](#7367))
([8187be1](8187be1))
* **editor:** Support autologin for upgrade path
([#7316](#7316))
([1dfa052](1dfa052))
* **Execute Workflow Node:** Run once for each item mode
([#7289](#7289))
([c8c14ca](c8c14ca))
* **Item Lists Node:** Split merge binary data
([#7297](#7297))
([965db8f](965db8f))
* **Loop Over Items (Split in Batches) Node:** Automatically add a loop
+ rename ([#7228](#7228))
([7b773cc](7b773cc))
* **Notion Node:** Fetch child blocks recursively
([#7304](#7304))
([193181a](193181a))

Co-authored-by: netroy <netroy@users.noreply.github.com>
@janober
Copy link
Member

janober commented Oct 11, 2023

Got released with n8n@1.11.0

MiloradFilipovic added a commit that referenced this pull request Oct 11, 2023
@MiloradFilipovic
Merge branch 'master' into ADO-1148-remote-options-fix
e530d52 
* master:
  fix(core): Fix ignoring crashed executions without event msgs (#7368)
  ci: Enable ARM64 builds for beta images (no-changelog) (#7403)
  🚀 Release 1.11.0 (#7402)
  fix(editor): Sanitize HTML binary-data before rendering in the UI (#7400)
  fix(core): Fix error on missing paired item data (#7399)
  feat(editor): Workflow history [WIP]- Create workflow history item preview component (no-changelog) (#7378)
  feat(Item Lists Node): Split merge binary data (#7297)
  fix(core): Missing pairing info (#7326)
  fix(Webhook Node): Backward compatible form-data parsing for non-array files (#7385)
elsmr pushed a commit that referenced this pull request Oct 19, 2023
@netroy @elsmr
fix(editor): Sanitize HTML binary-data before rendering in the UI (#7400
618e941 
)
elsmr pushed a commit that referenced this pull request Oct 19, 2023
@github-actions @netroy @elsmr
🚀 Release 1.11.0 (#7402)
f10b5f0 
# [1.11.0](https://github.com/n8n-io/n8n/compare/n8n@1.10.0...n8n@1.11.0)
(2023-10-11)


### Bug Fixes

* **core:** Add an option to enable postgres ssl with default certs
([#6889](#6889))
([789e1e7](789e1e7))
* **core:** Fix error on missing paired item data
([#7399](#7399))
([47e8953](47e8953))
* **core:** Missing pairing info
([#7326](#7326))
([e2c3c7a](e2c3c7a))
* **core:** Prevent object deletion request on no prefix match
([#7366](#7366))
([63e11e4](63e11e4))
* **editor:** Fix completions for `.json` on quoted node name in Code
node ([#7382](#7382))
([86e7ec7](86e7ec7))
* **editor:** Implement canvas zoom UX improvements
([#7376](#7376))
([7e06b31](7e06b31))
* **editor:** Make workflow history button available only for dev builds
([#7392](#7392))
([7ed466d](7ed466d))
* **editor:** Remove excess margin below run data editor
([#7372](#7372))
([3fa2764](3fa2764))
* **editor:** Sanitize HTML binary-data before rendering in the UI
([#7400](#7400))
([2b075bf](2b075bf))
* **editor:** Use display option's @Version specifier
([#7351](#7351))
([afbf0c3](afbf0c3))
* **Google BigQuery Node:** Location default to jobReference
([#7354](#7354))
([97bb703](97bb703))
* **Google Drive Trigger Node:** Add Shared Drives support
([#7369](#7369))
([3e7a4d3](3e7a4d3))
* **Google Sheets Node:** Fix "Maximum call stack size exceeded" error
on too many rows ([#7384](#7384))
([732b15a](732b15a))
* **HTML Node:** Update property fields to not use expressions on drag
([#7379](#7379))
([77643e5](77643e5))
* **Notion Node:** Handle empty values correctly for Notion selects +
multi selects ([#7383](#7383))
([fbcd1d4](fbcd1d4))
* **Set Node:** Increase search priority
([#7358](#7358))
([e5ad1e7](e5ad1e7))
* **Webhook Node:** Backward compatible form-data parsing for non-array
files ([#7385](#7385))
([6479eb1](6479eb1))


### Features

* **core:** Add Job Summary to Worker response
([#7360](#7360))
([b8608ce](b8608ce))
* **core:** Integrate object store as binary data manager
([#7253](#7253))
([1a661e6](1a661e6))
* **core:** Switch binary filesystem mode to nested path structure
([#7307](#7307))
([0847623](0847623))
* **editor:** Make PDF and Audio binary-data viewable in the UI
([#7367](#7367))
([8187be1](8187be1))
* **editor:** Support autologin for upgrade path
([#7316](#7316))
([1dfa052](1dfa052))
* **Execute Workflow Node:** Run once for each item mode
([#7289](#7289))
([c8c14ca](c8c14ca))
* **Item Lists Node:** Split merge binary data
([#7297](#7297))
([965db8f](965db8f))
* **Loop Over Items (Split in Batches) Node:** Automatically add a loop
+ rename ([#7228](#7228))
([7b773cc](7b773cc))
* **Notion Node:** Fetch child blocks recursively
([#7304](#7304))
([193181a](193181a))

Co-authored-by: netroy <netroy@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mutdmour mutdmour mutdmour approved these changes

Assignees
No one assigned
Labels
core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team Released ui Enhancement in /editor-ui or /design-system
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@netroy @janober @mutdmour