Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

handleFileInput return base64encoded url now. #111

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

handleFileInput return base64encoded url now. #111

wants to merge 3 commits into from

Conversation

imranaalam
Copy link

by using readAsDataURL function instead readAsText; now all data formats would be easily read as encode64 which can be later changed back to original file. https://base64.guru/
image
image

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jun 5, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@ghost
Copy link

ghost commented Jun 5, 2021

DeepCode's analysis on #80ee1d found:

  • 3 critical issues, ⚠️ 2 warnings, ℹ️ 1 minor issue. 👇

Top issues

Description Example fixes
Unsanitized input from data from a remote resource flows into a member access and is used to access a property of a field assignment by name. This may allow a malicious user to access methods (e.g. toString) as opposed to regular properties of objects and cause a crash, remote code execution or more serious problems. This is known as a Prototype Pollution vulnerability. Occurrences: 🔧 Example fixes
Unsanitized input from data from a remote resource flows into get, where it is used as an URL to perform a request. This may result in a Server-Side Request Forgery vulnerability. Occurrences: 🔧 Example fixes
Unsanitized user input from data from a remote resource flows into RegExp, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS). Occurrences: 🔧 Example fixes

👉 View analysis in DeepCode’s Dashboard | Configure the bot

👉 The DeepCode service and API will be deprecated in August, 2021. Here is the information how to migrate. Thank you for using DeepCode 🙏 ❤️ !

If you are using our plugins, you might be interested in their successors: Snyk's JetBrains plugin and Snyk's VS Code plugin.

@aeberhart
Copy link
Contributor

Thanks for the pull request. Can you please add an issue where you describe the issue you're fixing?
Ideally, your change should be as small as possible (i.e. only fix the issue in the handle upload function).
If you have other changes (let's say a styling improvement) I'd be best to make another pull request for that.
This would help you tremendously and make sure we can merge your change asap so you can use it in the next version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@imranaalam @aeberhart