BetterCorp/BetterFrame
1
0
Fork 0
mirror of https://github.com/BetterCorp/BetterFrame.git synced 2026-05-26 21:26:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

fix: URL-encode RTSP credentials to handle special chars like @

Browse source
This commit is contained in:
Mitchell R 2026-05-10 04:03:23 +02:00
parent a88e3f5c72
commit 9827e456b3
No known key found for this signature in database
1 changed files with 13 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
server/src/plugins/service-admin-http/routes-admin.ts
View file

@ -24,6 +24,17 @@ import {
} from "../../web-templates/admin-pages.js"; } from "../../web-templates/admin-pages.js";
import type { LayoutTemplate, Display } from "../../shared/types.js"; import type { LayoutTemplate, Display } from "../../shared/types.js";
function sanitizeRtspUrl(raw: string): string {
const match = raw.match(/^(rtsp:\/\/)([^@]+)@(.+)$/);
if (!match) return raw;
const [, scheme, userinfo, rest] = match;
const colonIdx = userinfo!.indexOf(":");
if (colonIdx < 0) return raw;
const user = encodeURIComponent(userinfo!.slice(0, colonIdx));
const pass = encodeURIComponent(userinfo!.slice(colonIdx + 1));
return `${scheme}${user}:${pass}@${rest}`;
}
export function registerAdminRoutes(app: H3, deps: AdminDeps): void { export function registerAdminRoutes(app: H3, deps: AdminDeps): void {
// ---- Overview ------------------------------------------------------------- // ---- Overview -------------------------------------------------------------
@ -94,7 +105,7 @@ export function registerAdminRoutes(app: H3, deps: AdminDeps): void {
let onvifPass: string | undefined; let onvifPass: string | undefined;
if (type === "rtsp") { if (type === "rtsp") {
rtspUrl = (body?.["rtsp_url"] ?? "").trim(); rtspUrl = sanitizeRtspUrl((body?.["rtsp_url"] ?? "").trim());
if (!rtspUrl) errors.push("RTSP URL required."); if (!rtspUrl) errors.push("RTSP URL required.");
} else if (type === "onvif") { } else if (type === "onvif") {
onvifHost = (body?.["onvif_host"] ?? "").trim(); onvifHost = (body?.["onvif_host"] ?? "").trim();
@ -523,7 +534,7 @@ export function registerAdminRoutes(app: H3, deps: AdminDeps): void {
const body = await readBody<Record<string, string>>(event); const body = await readBody<Record<string, string>>(event);
deps.repo.updateCamera(id, { deps.repo.updateCamera(id, {
name: body?.["name"], name: body?.["name"],
rtsp_url: body?.["rtsp_url"] || null, rtsp_url: body?.["rtsp_url"] ? sanitizeRtspUrl(body["rtsp_url"]) : null,
onvif_host: body?.["onvif_host"] || null, onvif_host: body?.["onvif_host"] || null,
onvif_port: body?.["onvif_port"] ? Number(body["onvif_port"]) : null, onvif_port: body?.["onvif_port"] ? Number(body["onvif_port"]) : null,
onvif_username: body?.["onvif_username"] || null, onvif_username: body?.["onvif_username"] || null,