From 5b693433f3e546f3934f17f56dcfeca485646d32 Mon Sep 17 00:00:00 2001 From: jaaaaavier Date: Tue, 17 Feb 2026 10:20:33 +0100 Subject: [PATCH 1/5] fix: dependan bot alert --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index fabd50e13..1dd7e3cd5 100644 --- a/package.json +++ b/package.json @@ -112,7 +112,7 @@ "form-data": "^4.0.4", "tar": "^7.5.7", "jspdf": "^4.1.0", - "qs": "^6.14.1" + "qs": "^6.14.2" }, "engines": { "node": ">=22.0.0" diff --git a/yarn.lock b/yarn.lock index 223d255e6..1fad4ab3c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7533,10 +7533,10 @@ punycode@^2.1.1: resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f" integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA== -qs@6.10.4, qs@^6.14.1: - version "6.14.1" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.1.tgz#a41d85b9d3902f31d27861790506294881871159" - integrity sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ== +qs@6.10.4, qs@^6.14.2: + version "6.15.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.15.0.tgz#db8fd5d1b1d2d6b5b33adaf87429805f1909e7b3" + integrity sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ== dependencies: side-channel "^1.1.0" From 7ccdb65642f9bcb0d753ee9a1d34beb5e29ec151 Mon Sep 17 00:00:00 2001 From: jaaaaavier Date: Tue, 17 Feb 2026 10:33:20 +0100 Subject: [PATCH 2/5] fix/code sacnning alerts --- src/components/temp-email/HeroSection.tsx | 25 +++++++--- src/pages/api/temp-mail/get-message.ts | 11 ++++- src/pages/file-compressor/[filename].tsx | 59 ++++++++++++++--------- src/pages/file-converter/[filename].tsx | 54 +++++++++++++-------- src/pages/sitemap.xml.js | 5 +- 5 files changed, 100 insertions(+), 54 deletions(-) diff --git a/src/components/temp-email/HeroSection.tsx b/src/components/temp-email/HeroSection.tsx index a36f9303b..3e3133a38 100644 --- a/src/components/temp-email/HeroSection.tsx +++ b/src/components/temp-email/HeroSection.tsx @@ -80,11 +80,24 @@ export const HeroSection = ({ textContent }) => { const storedEmail = localStorage.getItem(EMAIL_STORAGE_KEY); if (storedEmail !== null) { - const { address, token } = JSON.parse(storedEmail); - setUser({ - address, - token, - }); + try { + const decodedEmail = atob(storedEmail); + const { address, token } = JSON.parse(decodedEmail); + setUser({ + address, + token, + }); + } catch { + try { + const { address, token } = JSON.parse(storedEmail); + setUser({ + address, + token, + }); + } catch (error) { + await getNewEmail(); + } + } } else { await getNewEmail(); } @@ -102,7 +115,7 @@ export const HeroSection = ({ textContent }) => { setMessages(undefined); localStorage.setItem(SETUP_TIME_STORAGE_KEY, String(TIME_NOW)); - localStorage.setItem(EMAIL_STORAGE_KEY, JSON.stringify(emailData)); + localStorage.setItem(EMAIL_STORAGE_KEY, btoa(JSON.stringify(emailData))); } catch (error) { console.error('Failed to initialize new email session:', error); } diff --git a/src/pages/api/temp-mail/get-message.ts b/src/pages/api/temp-mail/get-message.ts index e2e9a418b..9f581a1b0 100644 --- a/src/pages/api/temp-mail/get-message.ts +++ b/src/pages/api/temp-mail/get-message.ts @@ -10,9 +10,18 @@ async function handler(req: NextApiRequest, res: NextApiResponse) { if (req.method !== 'GET') return res.status(405).json({ message: 'Method not allowed' }); const { email, token, messageId } = req.query; + + if (typeof email !== 'string' || typeof token !== 'string' || typeof messageId !== 'string') { + return res.status(400).json({ message: 'Invalid parameters' }); + } + try { + const safeEmail = encodeURIComponent(email); + const safeToken = encodeURIComponent(token); + const safeMessageId = encodeURIComponent(messageId); + const inbox = await axios.get( - `${CONVERTER_URL}/api/temp-mail/messages/selectedMessage/${email}/${token}/${messageId}`, + `${CONVERTER_URL}/api/temp-mail/messages/selectedMessage/${safeEmail}/${safeToken}/${safeMessageId}`, ); return res.status(200).json(inbox.data.messageObj); diff --git a/src/pages/file-compressor/[filename].tsx b/src/pages/file-compressor/[filename].tsx index 3648b7eee..550301cf4 100644 --- a/src/pages/file-compressor/[filename].tsx +++ b/src/pages/file-compressor/[filename].tsx @@ -55,32 +55,45 @@ const FileConverter = ({ export async function getServerSideProps(ctx) { const lang = ctx.locale; - const pathname = ctx.params.filename; - const metatagsDescriptions = require(`@/assets/lang/${lang}/metatags-descriptions.json`); - const navbarLang = require(`@/assets/lang/${lang}/navbar.json`); - const textContent = require(`@/assets/lang/${lang}/file-compressor/${pathname}.json`); - const converterText = require(`@/assets/lang/${lang}/file-compressor/converter-card.json`); - const errorContent = require(`@/assets/lang/${lang}/file-compressor/errorState.json`); - const footerLang = require(`@/assets/lang/${lang}/footer.json`); - const toolsContent = require(`@/assets/lang/${lang}/components/tools/ToolSection.json`); - const bannerLang = require(`@/assets/lang/${lang}/banners.json`); + const isValidPath = /^[a-z0-9-]+$/.test(pathname); + + if (!isValidPath) { + return { + notFound: true, + }; + } + + try { + const metatagsDescriptions = require(`@/assets/lang/${lang}/metatags-descriptions.json`); + const navbarLang = require(`@/assets/lang/${lang}/navbar.json`); + const textContent = require(`@/assets/lang/${lang}/file-compressor/${pathname}.json`); + const converterText = require(`@/assets/lang/${lang}/file-compressor/converter-card.json`); + const errorContent = require(`@/assets/lang/${lang}/file-compressor/errorState.json`); + const footerLang = require(`@/assets/lang/${lang}/footer.json`); + const toolsContent = require(`@/assets/lang/${lang}/components/tools/ToolSection.json`); + const bannerLang = require(`@/assets/lang/${lang}/banners.json`); - return { - props: { - metatagsDescriptions, - navbarLang, - textContent, - converterText, - errorContent, - footerLang, - lang, - toolsContent, - pathname, - bannerLang, - }, - }; + return { + props: { + metatagsDescriptions, + navbarLang, + textContent, + converterText, + errorContent, + footerLang, + lang, + toolsContent, + pathname, + bannerLang, + }, + }; + } catch (error) { + return { + notFound: true, + }; + } } export default FileConverter; diff --git a/src/pages/file-converter/[filename].tsx b/src/pages/file-converter/[filename].tsx index 2b4dd9999..71f9e1bef 100644 --- a/src/pages/file-converter/[filename].tsx +++ b/src/pages/file-converter/[filename].tsx @@ -55,27 +55,41 @@ export async function getServerSideProps(ctx) { const textLang = lang === 'es' ? lang : 'en'; const pathname = ctx.params.filename; - const metatagsDescriptions = require(`@/assets/lang/${textLang}/metatags-descriptions.json`); - const navbarLang = require(`@/assets/lang/${textLang}/navbar.json`); - const textContent = require(`@/assets/lang/${textLang}/file-converter/${pathname}.json`); - const converterText = require(`@/assets/lang/${textLang}/file-converter/converter-card.json`); - const errorContent = require(`@/assets/lang/${textLang}/file-converter/errorState.json`); - const footerLang = require(`@/assets/lang/${textLang}/footer.json`); - const toolsContent = require(`@/assets/lang/${textLang}/components/tools/ToolSection.json`); + const isValidPath = /^[a-z0-9-]+$/.test(pathname); - return { - props: { - metatagsDescriptions, - navbarLang, - textContent, - converterText, - errorContent, - footerLang, - lang, - toolsContent, - pathname, - }, - }; + if (!isValidPath) { + return { + notFound: true, + }; + } + + try { + const metatagsDescriptions = require(`@/assets/lang/${textLang}/metatags-descriptions.json`); + const navbarLang = require(`@/assets/lang/${textLang}/navbar.json`); + const textContent = require(`@/assets/lang/${textLang}/file-converter/${pathname}.json`); + const converterText = require(`@/assets/lang/${textLang}/file-converter/converter-card.json`); + const errorContent = require(`@/assets/lang/${textLang}/file-converter/errorState.json`); + const footerLang = require(`@/assets/lang/${textLang}/footer.json`); + const toolsContent = require(`@/assets/lang/${textLang}/components/tools/ToolSection.json`); + + return { + props: { + metatagsDescriptions, + navbarLang, + textContent, + converterText, + errorContent, + footerLang, + lang, + toolsContent, + pathname, + }, + }; + } catch (error) { + return { + notFound: true, + }; + } } export default FileConverter; diff --git a/src/pages/sitemap.xml.js b/src/pages/sitemap.xml.js index 1fc718d99..5d31f91cf 100644 --- a/src/pages/sitemap.xml.js +++ b/src/pages/sitemap.xml.js @@ -4,10 +4,7 @@ import path from 'path'; const Sitemap = () => {}; export const getServerSideProps = ({ res }) => { - const baseUrl = { - development: 'http://localhost:3001', - production: 'https://internxt.com', - }[process.env.NODE_ENV]; + const baseUrl = process.env.NODE_ENV === 'development' ? 'http://localhost:3001' : 'https://internxt.com'; const pages = { index: '1.0', From 6c20ec692611515f1b809cb480438a1c18ad8f81 Mon Sep 17 00:00:00 2001 From: jaaaaavier Date: Tue, 17 Feb 2026 11:57:39 +0100 Subject: [PATCH 3/5] update sonar reviews --- src/components/temp-email/HeroSection.tsx | 2 +- src/pages/file-compressor/[filename].tsx | 2 +- src/pages/file-converter/[filename].tsx | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/components/temp-email/HeroSection.tsx b/src/components/temp-email/HeroSection.tsx index 3e3133a38..49081f8c5 100644 --- a/src/components/temp-email/HeroSection.tsx +++ b/src/components/temp-email/HeroSection.tsx @@ -94,7 +94,7 @@ export const HeroSection = ({ textContent }) => { address, token, }); - } catch (error) { + } catch { await getNewEmail(); } } diff --git a/src/pages/file-compressor/[filename].tsx b/src/pages/file-compressor/[filename].tsx index 550301cf4..3edad0d60 100644 --- a/src/pages/file-compressor/[filename].tsx +++ b/src/pages/file-compressor/[filename].tsx @@ -89,7 +89,7 @@ export async function getServerSideProps(ctx) { bannerLang, }, }; - } catch (error) { + } catch { return { notFound: true, }; diff --git a/src/pages/file-converter/[filename].tsx b/src/pages/file-converter/[filename].tsx index 71f9e1bef..35e7cf2f7 100644 --- a/src/pages/file-converter/[filename].tsx +++ b/src/pages/file-converter/[filename].tsx @@ -85,7 +85,7 @@ export async function getServerSideProps(ctx) { pathname, }, }; - } catch (error) { + } catch { return { notFound: true, }; From 766f651ab159996d168d83ce317d160d4b5e953b Mon Sep 17 00:00:00 2001 From: jaaaaavier Date: Tue, 17 Feb 2026 12:18:16 +0100 Subject: [PATCH 4/5] sonar updates --- src/pages/file-compressor/[filename].tsx | 10 ++++------ src/pages/file-converter/[filename].tsx | 10 ++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/src/pages/file-compressor/[filename].tsx b/src/pages/file-compressor/[filename].tsx index 3edad0d60..655ffe991 100644 --- a/src/pages/file-compressor/[filename].tsx +++ b/src/pages/file-compressor/[filename].tsx @@ -1,5 +1,3 @@ -'use client'; - import Layout from '@/components/layout/Layout'; import Navbar from '@/components/layout/navbars/Navbar'; import Footer from '@/components/layout/footers/Footer'; @@ -55,16 +53,16 @@ const FileConverter = ({ export async function getServerSideProps(ctx) { const lang = ctx.locale; - const pathname = ctx.params.filename; - - const isValidPath = /^[a-z0-9-]+$/.test(pathname); + const rawFilename = ctx.params.filename; - if (!isValidPath) { + if (typeof rawFilename !== 'string' || !/^[a-z0-9-]+$/.test(rawFilename)) { return { notFound: true, }; } + const pathname = rawFilename.replace(/[^a-z0-9-]/g, ''); + try { const metatagsDescriptions = require(`@/assets/lang/${lang}/metatags-descriptions.json`); const navbarLang = require(`@/assets/lang/${lang}/navbar.json`); diff --git a/src/pages/file-converter/[filename].tsx b/src/pages/file-converter/[filename].tsx index 35e7cf2f7..d37356fca 100644 --- a/src/pages/file-converter/[filename].tsx +++ b/src/pages/file-converter/[filename].tsx @@ -1,5 +1,3 @@ -'use client'; - import Layout from '@/components/layout/Layout'; import Navbar from '@/components/layout/navbars/Navbar'; import Footer from '@/components/layout/footers/Footer'; @@ -53,16 +51,16 @@ const FileConverter = ({ export async function getServerSideProps(ctx) { const lang = ctx.locale; const textLang = lang === 'es' ? lang : 'en'; - const pathname = ctx.params.filename; - - const isValidPath = /^[a-z0-9-]+$/.test(pathname); + const rawFilename = ctx.params.filename; - if (!isValidPath) { + if (typeof rawFilename !== 'string' || !/^[a-z0-9-]+$/.test(rawFilename)) { return { notFound: true, }; } + const pathname = rawFilename.replace(/[^a-z0-9-]/g, ''); + try { const metatagsDescriptions = require(`@/assets/lang/${textLang}/metatags-descriptions.json`); const navbarLang = require(`@/assets/lang/${textLang}/navbar.json`); From 0369e54025a68cc6338ddb321eb6294d2dd98fd6 Mon Sep 17 00:00:00 2001 From: jaaaaavier Date: Tue, 17 Feb 2026 12:44:33 +0100 Subject: [PATCH 5/5] sonar updates --- src/pages/file-compressor/[filename].tsx | 13 +++++++++++-- src/pages/file-converter/[filename].tsx | 13 +++++++++++-- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/src/pages/file-compressor/[filename].tsx b/src/pages/file-compressor/[filename].tsx index 655ffe991..afb52297b 100644 --- a/src/pages/file-compressor/[filename].tsx +++ b/src/pages/file-compressor/[filename].tsx @@ -1,3 +1,6 @@ +'use client'; + +import path from 'path'; import Layout from '@/components/layout/Layout'; import Navbar from '@/components/layout/navbars/Navbar'; import Footer from '@/components/layout/footers/Footer'; @@ -55,13 +58,19 @@ export async function getServerSideProps(ctx) { const lang = ctx.locale; const rawFilename = ctx.params.filename; - if (typeof rawFilename !== 'string' || !/^[a-z0-9-]+$/.test(rawFilename)) { + if (typeof rawFilename !== 'string') { return { notFound: true, }; } - const pathname = rawFilename.replace(/[^a-z0-9-]/g, ''); + const pathname = path.basename(rawFilename); + + if (!/^[a-z0-9-]+$/.test(pathname)) { + return { + notFound: true, + }; + } try { const metatagsDescriptions = require(`@/assets/lang/${lang}/metatags-descriptions.json`); diff --git a/src/pages/file-converter/[filename].tsx b/src/pages/file-converter/[filename].tsx index d37356fca..27580b581 100644 --- a/src/pages/file-converter/[filename].tsx +++ b/src/pages/file-converter/[filename].tsx @@ -1,3 +1,6 @@ +'use client'; + +import path from 'path'; import Layout from '@/components/layout/Layout'; import Navbar from '@/components/layout/navbars/Navbar'; import Footer from '@/components/layout/footers/Footer'; @@ -53,13 +56,19 @@ export async function getServerSideProps(ctx) { const textLang = lang === 'es' ? lang : 'en'; const rawFilename = ctx.params.filename; - if (typeof rawFilename !== 'string' || !/^[a-z0-9-]+$/.test(rawFilename)) { + if (typeof rawFilename !== 'string') { return { notFound: true, }; } - const pathname = rawFilename.replace(/[^a-z0-9-]/g, ''); + const pathname = path.basename(rawFilename); + + if (!/^[a-z0-9-]+$/.test(pathname)) { + return { + notFound: true, + }; + } try { const metatagsDescriptions = require(`@/assets/lang/${textLang}/metatags-descriptions.json`);