reverted ansi-regex update (not an ESmodule); minor sanitation fix

suculent · Apr 29, 2022 · faf4748 · faf4748
1 parent 7ed38dd
commit faf4748
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 5 deletions.
diff --git a/.snyk b/.snyk
@@ -1,5 +1,9 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.19.0
+
+exclude:
+ global:
+   - spec/** 
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
   SNYK-JS-101-1292345:

diff --git a/lib/router.auth.js b/lib/router.auth.js
@@ -300,7 +300,7 @@ module.exports = function (app) {
             req.session.cookie.maxAge = maxAge;
             res.cookie("x-thx-core", maxAge, {
                 maxAge: maxAge,
-                httpOnly: false,
+                httpOnly: true,
                 secure: false,
                 domain: short_domain
             });

diff --git a/lib/router.deviceapi.js b/lib/router.deviceapi.js
@@ -88,13 +88,16 @@ module.exports = function (app) {
 
   app.post("/device/addpush", function (req, res) {
 
-    if ((typeof (req.body) === "undefined")) {
+    if (!Util.isDefined(req.body)) {
       return Util.responder(res, false, "no_body");
     }
 
-    let body = req.body;
+    let push = req.body.push;
+    if (!Util.isDefined(push)) {
+      return Util.responder(res, false, "no_data");
+    }
 
-    let token = sanitka.pushToken(body.push);
+    let token = sanitka.pushToken(push);
     if (token === null) return Util.responder(res, false, "no_token");
 
     let api_key = sanitka.apiKey(req.headers.authentication);

diff --git a/package.json b/package.json
@@ -98,7 +98,7 @@
   "overrides": {
     "async": "2.6.4",
     "json-schema": "0.4.0",
-    "ansi-regex": "6.0.1",
+    "ansi-regex": "5.0.1",
     "jsprim": "1.4.2",
     "string-width": "4.2.3",
     "strip-ansi": "6.0.1",