mirror of
https://github.com/n8n-io/n8n.git
synced 2024-12-24 04:04:06 -08:00
fix(core): Tighten check for company size survey answer (#10646)
This commit is contained in:
parent
f0c61d029a
commit
e5aba60aff
|
@ -352,6 +352,26 @@ describe('MeController', () => {
|
|||
);
|
||||
});
|
||||
|
||||
it('should not flag XSS attempt for `<` sign in company size', async () => {
|
||||
const req = mock<MeRequest.SurveyAnswers>();
|
||||
req.body = {
|
||||
version: 'v4',
|
||||
personalization_survey_submitted_at: '2024-08-06T12:19:51.268Z',
|
||||
personalization_survey_n8n_version: '1.0.0',
|
||||
companySize: '<20',
|
||||
otherCompanyIndustryExtended: ['test'],
|
||||
automationGoalSm: ['test'],
|
||||
usageModes: ['test'],
|
||||
email: 'test@email.com',
|
||||
role: 'test',
|
||||
roleOther: 'test',
|
||||
reportedSource: 'test',
|
||||
reportedSourceOther: 'test',
|
||||
};
|
||||
|
||||
await expect(controller.storeSurveyAnswers(req)).resolves.toEqual({ success: true });
|
||||
});
|
||||
|
||||
test.each([
|
||||
'automationGoalDevops',
|
||||
'companyIndustryExtended',
|
||||
|
|
|
@ -45,7 +45,7 @@ export class PersonalizationSurveyAnswersV4 implements IPersonalizationSurveyAns
|
|||
@IsString({ each: true })
|
||||
otherCompanyIndustryExtended?: string[] | null;
|
||||
|
||||
@NoXss()
|
||||
@IsEnum(['<20', '20-99', '100-499', '500-999', '1000+', 'personalUser'])
|
||||
@Expose()
|
||||
@IsOptional()
|
||||
@IsString()
|
||||
|
|
|
@ -400,7 +400,7 @@ const SURVEY: IPersonalizationSurveyAnswersV4 = {
|
|||
automationGoalDevopsOther: 'test',
|
||||
companyIndustryExtended: ['test'],
|
||||
otherCompanyIndustryExtended: ['test'],
|
||||
companySize: 'test',
|
||||
companySize: '20-99',
|
||||
companyType: 'test',
|
||||
automationGoalSm: ['test'],
|
||||
automationGoalSmOther: 'test',
|
||||
|
|
Loading…
Reference in a new issue