gaschz/trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-03-01 14:22:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix csrf protection on electron build

Browse Source
This commit is contained in:
zadam 2019-03-31 12:49:42 +02:00
parent bec6576620
commit 75dbaa4b77
7 changed files with 97 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
package-lock.json generated
View File

@ -62,12 +62,19 @@
}
},
"@babel/polyfill": {
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/@babel/polyfill/-/polyfill-7.0.0.tgz",
"integrity": "sha512-dnrMRkyyr74CRelJwvgnnSUDh2ge2NCTyHVwpOdvRMHtJUyxLtMAfhBN3s64pY41zdw0kgiLPh6S20eb1NcX6Q==",
"version": "7.4.0",
"resolved": "https://registry.npmjs.org/@babel/polyfill/-/polyfill-7.4.0.tgz",
"integrity": "sha512-bVsjsrtsDflIHp5I6caaAa2V25Kzn50HKPL6g3X0P0ni1ks+58cPB8Mz6AOKVuRPgaVdq/OwEUc/1vKqX+Mo4A==",
"requires": {
"core-js": "2.5.7",
"regenerator-runtime": "0.11.1"
"core-js": "2.6.5",
"regenerator-runtime": "0.13.2"
},
"dependencies": {
"core-js": {
"version": "2.6.5",
"resolved": "https://registry.npmjs.org/core-js/-/core-js-2.6.5.tgz",
"integrity": "sha512-klh/kDpwX8hryYL14M9w/xei6vrv6sE8gTHDG7/T/+SEovB/G4ejwcfE/CBzO6Edsu+OETZMZ3wcX/EjUkrl5A=="
}
}
},
"@jimp/bmp": {
@ -186,18 +193,18 @@
}
},
"@jimp/plugin-cover": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/@jimp/plugin-cover/-/plugin-cover-0.6.0.tgz",
"integrity": "sha512-iv9lA2v3qv+x3eaTThtyzFg+hO8/pSnM8NBymC5OlpSJnR54aWi7BVFXLJAF27T4EZyXko432PVul2IdY3BEPw==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/@jimp/plugin-cover/-/plugin-cover-0.6.1.tgz",
"integrity": "sha512-mYDchAeP9gcBCgi7vX2cYBNygY1s/YaEKEUvSh2H5+DJfxtp/eynW+bInypCfbQJArZZX+26F5GufWnkB8BOnw==",
"requires": {
"@jimp/utils": "0.6.0",
"core-js": "2.5.7"
}
},
"@jimp/plugin-crop": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/@jimp/plugin-crop/-/plugin-crop-0.6.0.tgz",
"integrity": "sha512-YftdmFZ2YnZDYyBulkStCt2MZbKKfbjytkE+6i3Djk2b/Rfryg5xjgzVnAumCRQJhVPukexrnc2V7KKbEgx7mQ==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/@jimp/plugin-crop/-/plugin-crop-0.6.1.tgz",
"integrity": "sha512-rnxkgLvm1oC7yCg8mOIUqLNjAzzRC0eVTD3hfYq3LzDMe2LfpU208WhtVw0IjSJ2N7OSrRztJcw+jkVF8nUJJg==",
"requires": {
"@jimp/utils": "0.6.0",
"core-js": "2.5.7"
@ -267,9 +274,9 @@
}
},
"@jimp/plugin-print": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/@jimp/plugin-print/-/plugin-print-0.6.0.tgz",
"integrity": "sha512-kXNHYo7bGQiMZkUqhCvm6OomjJtZnLGs7cgXp9qsCfPcDBLLW+X3oxnoLaePQMlpQt6hX/lzFnNaWKv/KB1jlA==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/@jimp/plugin-print/-/plugin-print-0.6.1.tgz",
"integrity": "sha512-gZOrYEOFtohRYsGJNh9fQkBgpiKjDfNXpiXmwdolqBF39pPxRvo9ivTIJ7sHCLpDL+SnQRdR0EHiJ08BFt5Yow==",
"requires": {
"@jimp/utils": "0.6.0",
"core-js": "2.5.7",
@ -286,9 +293,9 @@
}
},
"@jimp/plugin-rotate": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/@jimp/plugin-rotate/-/plugin-rotate-0.6.0.tgz",
"integrity": "sha512-1QGlIisyxs2HNLuynq/ETc4h7E6At3yR+IYAhG9U4KONG4RqlIy0giyDhnfEZaiqOE+O7f+0Z7zN6GoSHmQjzg==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/@jimp/plugin-rotate/-/plugin-rotate-0.6.1.tgz",
"integrity": "sha512-+YYjO4Y664k0IfsPJVz4Er3pX+C8vYDWD9L2am01Jls4LT7GtUZbgIKuqwl8qXX0ENc/aF9UssuWIYVVzEoapw==",
"requires": {
"@jimp/utils": "0.6.0",
"core-js": "2.5.7"
@ -304,16 +311,16 @@
}
},
"@jimp/plugins": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/@jimp/plugins/-/plugins-0.6.0.tgz",
"integrity": "sha512-9+znfBJM1B31kvw+IcQFnAuDntQhwca/SONFnKOSZ8BNiQdiuTNbXHFxOo3tvdv1ngtB+LkkiTgK+QoF358b8g==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/@jimp/plugins/-/plugins-0.6.1.tgz",
"integrity": "sha512-gCgYxsQn3z5qifM8G4RfP6vQFKfwK/waVIE3I/mUY9QHZrf94sLuhcws+72hTLQ3It3m3QKaA1kSXrD9nkRdUw==",
"requires": {
"@jimp/plugin-blit": "0.6.0",
"@jimp/plugin-blur": "0.6.0",
"@jimp/plugin-color": "0.6.0",
"@jimp/plugin-contain": "0.6.0",
"@jimp/plugin-cover": "0.6.0",
"@jimp/plugin-crop": "0.6.0",
"@jimp/plugin-cover": "0.6.1",
"@jimp/plugin-crop": "0.6.1",
"@jimp/plugin-displace": "0.6.0",
"@jimp/plugin-dither": "0.6.0",
"@jimp/plugin-flip": "0.6.0",
@ -321,9 +328,9 @@
"@jimp/plugin-invert": "0.6.0",
"@jimp/plugin-mask": "0.6.0",
"@jimp/plugin-normalize": "0.6.0",
"@jimp/plugin-print": "0.6.0",
"@jimp/plugin-print": "0.6.1",
"@jimp/plugin-resize": "0.6.0",
"@jimp/plugin-rotate": "0.6.0",
"@jimp/plugin-rotate": "0.6.1",
"@jimp/plugin-scale": "0.6.0",
"core-js": "2.5.7",
"timm": "1.6.1"
@ -336,7 +343,7 @@
"requires": {
"@jimp/utils": "0.6.0",
"core-js": "2.5.7",
"pngjs": "3.3.3"
"pngjs": "3.4.0"
}
},
"@jimp/tiff": {
@ -2413,7 +2420,6 @@
"version": "1.1.3",
"resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz",
"integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==",
"dev": true,
"requires": {
"object-keys": "1.1.0"
},
@ -2421,8 +2427,7 @@
"object-keys": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.0.tgz",
"integrity": "sha512-6OO5X1+2tYkNyNEx6TsCxEqFfRWaqx6EtMiSbGrw8Ob8v9Ne+Hl8rBAgLBZn5wjEz3s/s6U1WXFUFOcxxAwUpg==",
"dev": true
"integrity": "sha512-6OO5X1+2tYkNyNEx6TsCxEqFfRWaqx6EtMiSbGrw8Ob8v9Ne+Hl8rBAgLBZn5wjEz3s/s6U1WXFUFOcxxAwUpg=="
}
}
},
@ -3591,7 +3596,6 @@
"version": "1.13.0",
"resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.13.0.tgz",
"integrity": "sha512-vDZfg/ykNxQVwup/8E1BZhVzFfBxs9NqMzGcvIJrqg5k2/5Za2bWo40dK2J1pgLngZ7c+Shh8lwYtLGyrwPutg==",
"dev": true,
"requires": {
"es-to-primitive": "1.2.0",
"function-bind": "1.1.1",
@ -3604,8 +3608,7 @@
"object-keys": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.0.tgz",
"integrity": "sha512-6OO5X1+2tYkNyNEx6TsCxEqFfRWaqx6EtMiSbGrw8Ob8v9Ne+Hl8rBAgLBZn5wjEz3s/s6U1WXFUFOcxxAwUpg==",
"dev": true
"integrity": "sha512-6OO5X1+2tYkNyNEx6TsCxEqFfRWaqx6EtMiSbGrw8Ob8v9Ne+Hl8rBAgLBZn5wjEz3s/s6U1WXFUFOcxxAwUpg=="
}
}
},
@ -3613,7 +3616,6 @@
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.0.tgz",
"integrity": "sha512-qZryBOJjV//LaxLTV6UC//WewneB3LcXOL9NP++ozKVXsIIIpm/2c13UDiD9Jp2eThsecw9m3jPqDwTyobcdbg==",
"dev": true,
"requires": {
"is-callable": "1.1.4",
"is-date-object": "1.0.1",
@ -5169,8 +5171,7 @@
"function-bind": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
"integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==",
"dev": true
"integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
},
"functional-red-black-tree": {
"version": "1.0.1",
@ -5792,7 +5793,6 @@
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz",
"integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==",
"dev": true,
"requires": {
"function-bind": "1.1.1"
}
@ -5827,8 +5827,7 @@
"has-symbols": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.0.tgz",
"integrity": "sha1-uhqPGvKg/DllD1yFA2dwQSIGO0Q=",
"dev": true
"integrity": "sha1-uhqPGvKg/DllD1yFA2dwQSIGO0Q="
},
"has-to-string-tag-x": {
"version": "1.4.1",
@ -6513,8 +6512,7 @@
"is-date-object": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.1.tgz",
"integrity": "sha1-mqIOtq7rv/d/vTPnTKAbM1gdOhY=",
"dev": true
"integrity": "sha1-mqIOtq7rv/d/vTPnTKAbM1gdOhY="
},
"is-descriptor": {
"version": "0.1.6",
@ -6746,7 +6744,6 @@
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.0.4.tgz",
"integrity": "sha1-VRdIm1RwkbCTDglWVM7SXul+lJE=",
"dev": true,
"requires": {
"has": "1.0.3"
}
@ -6770,7 +6767,6 @@
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.2.tgz",
"integrity": "sha512-HS8bZ9ox60yCJLH9snBpIwv9pYUAkcuLhSA1oero1UB5y9aiQpRA8y2ex945AOtCZL1lJDeIk3G5LthswI46Lw==",
"dev": true,
"requires": {
"has-symbols": "1.0.0"
}
@ -6851,13 +6847,13 @@
}
},
"jimp": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/jimp/-/jimp-0.6.0.tgz",
"integrity": "sha512-RYpN+AAlTEMf8Bnkhq2eeTNyr70rDK/2UUfUqzBJmwmZwdR6fxRJvgbCGWT1BDVRxaAqo+4CWm8ePBxOIsr4jg==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/jimp/-/jimp-0.6.1.tgz",
"integrity": "sha512-R46NBV0mbdC+1DwP/xbTmXULfxxAok5KA+XtZTPVku1S0mXvsaxZ65cQz1MhiPjxcIIQYidI3ZFIf2F+th3wMQ==",
"requires": {
"@babel/polyfill": "7.0.0",
"@babel/polyfill": "7.4.0",
"@jimp/custom": "0.6.0",
"@jimp/plugins": "0.6.0",
"@jimp/plugins": "0.6.1",
"@jimp/types": "0.6.0",
"core-js": "2.5.7"
}
@ -7363,9 +7359,9 @@
"integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc="
},
"lorem-ipsum": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/lorem-ipsum/-/lorem-ipsum-2.0.0.tgz",
"integrity": "sha512-MgsNPLB49Zwk2ah8kSG5T3X75JQsEC3tsI7QsWORuiIe2DTUq4b9QXSG7dkjHoO1lKKaxVM69MNiVssTfp+zGQ==",
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/lorem-ipsum/-/lorem-ipsum-2.0.1.tgz",
"integrity": "sha512-FjqfVmw4pEYOWCgzJf+ei2ohRTeuxhnPW/b+nQO+JK4z/QE9OEslnf+SeBVJJCTNRPKIupTW91evd7ezTX2xGA==",
"dev": true,
"requires": {
"commander": "2.19.0"
@ -8977,9 +8973,9 @@
}
},
"pako": {
"version": "1.0.7",
"resolved": "https://registry.npmjs.org/pako/-/pako-1.0.7.tgz",
"integrity": "sha512-3HNK5tW4x8o5mO8RuHZp3Ydw9icZXx0RANAOMzlMzx7LVXhMJ4mo3MOBpzyd7r/+RUu8BmndP47LXT+vzjtWcQ=="
"version": "1.0.10",
"resolved": "https://registry.npmjs.org/pako/-/pako-1.0.10.tgz",
"integrity": "sha512-0DTvPVU3ed8+HNXOu5Bs+o//Mbdj9VNQMUOe9oKCwh8l0GNwpTDMKCWbRjgtD291AWnkAgkqA/LOnQS8AmS1tw=="
},
"parent-module": {
"version": "1.0.0",
@ -9062,12 +9058,12 @@
}
},
"parse-headers": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/parse-headers/-/parse-headers-2.0.1.tgz",
"integrity": "sha1-aug6eqJanZtwCswoaYzR8e1+lTY=",
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/parse-headers/-/parse-headers-2.0.2.tgz",
"integrity": "sha512-/LypJhzFmyBIDYP9aDVgeyEb5sQfbfY5mnDq4hVhlQ69js87wXfmEI5V3xI6vvXasqebp0oCytYFLxsBVfCzSg==",
"requires": {
"for-each": "0.3.3",
"trim": "0.0.1"
"string.prototype.trim": "1.1.2"
}
},
"parse-json": {
@ -9176,7 +9172,7 @@
"resolved": "https://registry.npmjs.org/pixelmatch/-/pixelmatch-4.0.2.tgz",
"integrity": "sha1-j0fc7FARtHe2fbA8JDvB8wheiFQ=",
"requires": {
"pngjs": "3.3.3"
"pngjs": "3.4.0"
}
},
"pkg-conf": {
@ -9312,9 +9308,9 @@
"integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA=="
},
"pngjs": {
"version": "3.3.3",
"resolved": "https://registry.npmjs.org/pngjs/-/pngjs-3.3.3.tgz",
"integrity": "sha512-1n3Z4p3IOxArEs1VRXnZ/RXdfEniAUS9jb68g58FIXMNkPJeZd+Qh4Uq7/e0LVxAQGos1eIUrqrt4FpjdnEd+Q=="
"version": "3.4.0",
"resolved": "https://registry.npmjs.org/pngjs/-/pngjs-3.4.0.tgz",
"integrity": "sha512-NCrCHhWmnQklfH4MtJMRjZ2a8c80qXeMlQMv2uVp9ISJMTt562SbGd6n2oq0PaPgKm7Z6pL9E2UlLIhC+SHL3w=="
},
"pngquant-bin": {
"version": "5.0.1",
@ -10276,9 +10272,9 @@
"integrity": "sha1-NXdOtzW/UPtsB46DM0tHI1AgfXk="
},
"regenerator-runtime": {
"version": "0.11.1",
"resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.11.1.tgz",
"integrity": "sha512-MguG95oij0fC3QV3URf4V2SDYGJhJnJGqvIIgdECeODCT98wSWDAJ94SSuVpYQUoTcGUIL6L4yNB7j1DFFHSBg=="
"version": "0.13.2",
"resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.2.tgz",
"integrity": "sha512-S/TQAZJO+D3m9xeN1WTI8dLKBBiRgXBlTJvbWjCThHWZj9EvHK70Ff50/tYj2J/fvBY6JtFVwRuazHN2E7M9BA=="
},
"regex-cache": {
"version": "0.4.4",
@ -11322,7 +11318,6 @@
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/string.prototype.trim/-/string.prototype.trim-1.1.2.tgz",
"integrity": "sha1-0E3iyJ4Tf019IG8Ia17S+ua+jOo=",
"dev": true,
"requires": {
"define-properties": "1.1.3",
"es-abstract": "1.13.0",
@ -11873,11 +11868,6 @@
}
}
},
"trim": {
"version": "0.0.1",
"resolved": "https://registry.npmjs.org/trim/-/trim-0.0.1.tgz",
"integrity": "sha1-WFhUf2spB1fulczMZm+1AITEYN0="
},
"trim-newlines": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz",
@ -12202,7 +12192,7 @@
"resolved": "https://registry.npmjs.org/utif/-/utif-2.0.1.tgz",
"integrity": "sha512-Z/S1fNKCicQTf375lIP9G8Sa1H/phcysstNrrSdZKj1f9g58J4NMgb5IgiEZN9/nLMPDwF0W7hdOe9Qq2IYoLg==",
"requires": {
"pako": "1.0.7"
"pako": "1.0.10"
}
},
"util-deprecate": {
@ -12591,7 +12581,7 @@
"requires": {
"global": "4.3.2",
"is-function": "1.0.1",
"parse-headers": "2.0.1",
"parse-headers": "2.0.2",
"xtend": "4.0.1"
}
},

5
package.json
View File

@ -49,12 +49,13 @@
"imagemin-mozjpeg": "8.0.0",
"imagemin-pngquant": "7.0.0",
"ini": "1.3.5",
"jimp": "0.6.0",
"jimp": "0.6.1",
"mime-types": "2.1.22",
"moment": "2.24.0",
"multer": "1.4.1",
"node-abi": "2.7.1",
"open": "6.0.0",
"pngjs": "3.4.0",
"rand-token": "0.4.0",
"rcedit": "1.1.1",
"rimraf": "2.6.3",
@ -79,7 +80,7 @@
"electron-installer-debian": "1.1.1",
"electron-packager": "13.1.1",
"electron-rebuild": "1.8.4",
"lorem-ipsum": "2.0.0",
"lorem-ipsum": "2.0.1",
"tape": "4.10.1",
"xo": "0.24.0"
},

5
src/public/javascripts/services/protected_session_holder.js
View File

@ -18,10 +18,6 @@ function setProtectedSessionTimeout(encSessTimeout) {
protectedSessionTimeout = encSessTimeout;
}
function getProtectedSessionId() {
return utils.getCookie(PROTECTED_SESSION_ID_KEY);
}
function setProtectedSessionId(id) {
// using session cookie so that it disappears after browser/tab is closed
utils.setSessionCookie(PROTECTED_SESSION_ID_KEY, id);
@ -46,7 +42,6 @@ function touchProtectedSession() {
}
export default {
getProtectedSessionId,
setProtectedSessionId,
resetProtectedSession,
isProtectedSessionAvailable,

13
src/public/javascripts/services/server.js
View File

@ -1,22 +1,13 @@
import protectedSessionHolder from './protected_session_holder.js';
import utils from './utils.js';
import infoService from "./info.js";
function getHeaders() {
let protectedSessionId = null;
try { // this is because protected session might not be declared in some cases
protectedSessionId = protectedSessionHolder.getProtectedSessionId();
}
catch(e) {}
// headers need to be lowercase because node.js automatically converts them to lower case
// so hypothetical protectedSessionId becomes protectedsessionid on the backend
// also avoiding using underscores instead of dashes since nginx filters them out by default
return {
// protectedSessionId is normally carried in cookie, but for electron AJAX requests we bypass
// HTTP so no cookies and we need to pass it here explicitly
'trilium-protected-session-id': protectedSessionId,
// passing it explicitely here because of the electron HTTP bypass
'cookie': document.cookie,
'trilium-source-id': glob.sourceId,
'x-csrf-token': glob.csrfToken
};

45
src/routes/electron.js
View File

@ -2,32 +2,31 @@ const ipcMain = require('electron').ipcMain;
function init(app) {
ipcMain.on('server-request', (event, arg) => {
const req = {};
req.url = arg.url;
req.method = arg.method;
req.body = arg.data;
req.headers = arg.headers;
req.session = {
loggedIn: true
const req = {
url: arg.url,
method: arg.method,
body: arg.data,
headers: arg.headers,
session: {
loggedIn: true
}
};
const res = {
statusCode: 200
};
res.setHeader = function() {};
res.status = function(statusCode) {
res.statusCode = statusCode;
return res;
};
res.send = function(obj) {
event.sender.send('server-response', {
requestId: arg.requestId,
statusCode: res.statusCode,
body: obj
});
statusCode: 200,
getHeader: () => {},
setHeader: () => {},
status: statusCode => {
res.statusCode = statusCode;
return res;
},
send: obj => {
event.sender.send('server-response', {
requestId: arg.requestId,
statusCode: res.statusCode,
body: obj
});
}
};
return app._router.handle(req, res, () => {});

19
src/services/notes.js
View File

@ -307,12 +307,12 @@ async function saveNoteRevision(note) {
const now = new Date();
const noteRevisionSnapshotTimeInterval = parseInt(await optionService.getOption('noteRevisionSnapshotTimeInterval'));
const revisionCutoff = dateUtils.dateStr(new Date(now.getTime() - noteRevisionSnapshotTimeInterval * 1000));
const revisionCutoff = dateUtils.utcDateStr(new Date(now.getTime() - noteRevisionSnapshotTimeInterval * 1000));
const existingNoteRevisionId = await sql.getValue(
"SELECT noteRevisionId FROM note_revisions WHERE noteId = ? AND dateModifiedTo >= ?", [note.noteId, revisionCutoff]);
"SELECT noteRevisionId FROM note_revisions WHERE noteId = ? AND utcDateModifiedTo >= ?", [note.noteId, revisionCutoff]);
const msSinceDateCreated = now.getTime() - dateUtils.parseDateTime(note.dateCreated).getTime();
const msSinceDateCreated = now.getTime() - dateUtils.parseDateTime(note.utcDateCreated).getTime();
if (!existingNoteRevisionId && msSinceDateCreated >= noteRevisionSnapshotTimeInterval * 1000) {
await new NoteRevision({
@ -323,8 +323,10 @@ async function saveNoteRevision(note) {
type: note.type,
mime: note.mime,
isProtected: false, // will be fixed in the protectNoteRevisions() call
utcDateModifiedFrom: note.utcDateModified,
utcDateModifiedTo: dateUtils.utcNowDateTime(),
dateModifiedFrom: note.dateModified,
dateModifiedTo: dateUtils.nowDate()
dateModifiedTo: dateUtils.localNowDateTime()
}).save();
}
}
@ -344,17 +346,12 @@ async function updateNote(noteId, noteUpdates) {
note.isProtected = noteUpdates.isProtected;
await note.save();
const noteContent = await note.getNoteContent();
if (!['file', 'image'].includes(note.type)) {
noteUpdates.noteContent.content = await saveLinks(note, noteUpdates.noteContent.content);
noteUpdates.content = await saveLinks(note, noteUpdates.content);
noteContent.content = noteUpdates.noteContent.content;
await note.setContent(noteUpdates.content);
}
noteContent.isProtected = noteUpdates.isProtected;
await noteContent.save();
if (noteTitleChanged) {
await triggerNoteTitleChanged(note);
}

3
src/services/protected_session.js
View File

@ -15,8 +15,7 @@ function setDataKey(decryptedDataKey) {
}
function setProtectedSessionId(req) {
// cookies is the main storage but for electron header is used when bypassing HTTP
cls.namespace.set('protectedSessionId', req.headers['trilium-protected-session-id'] || req.cookies.protectedSessionId);
cls.namespace.set('protectedSessionId', req.cookies.protectedSessionId);
}
function getProtectedSessionId() {