marcel/familienarchiv
1
0
Fork 0
Code Issues 119 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity

docs(journey): annotate note field as unsanitized plain text in JourneyItem and JourneyItemView

Browse Source 
Add Javadoc to the note field warning renderers not to use @html or equivalent
unsafe output — the value is stored verbatim without sanitization.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marcel
2026-06-12 13:32:45 +02:00
parent fe6c3850c7
commit 2cd74690ce
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
backend/src/main/java/org/raddatz/familienarchiv/geschichte/journeyitem/JourneyItem.java
View File

@@ -38,8 +38,11 @@ public class JourneyItem {
@JsonIgnore @JsonIgnore
private Document document; private Document document;
// CWE-79 tripwire: plain text — store verbatim, no sanitization. Any HTML/feed/PDF/email /**
// renderer MUST escape this; only Svelte {note} is auto-safe. * Plain text — not HTML-sanitized. Renderers MUST NOT use {@code @html} or equivalent unsafe output.
*
* <p>CWE-79 tripwire: stored verbatim; only Svelte {note} interpolation is auto-safe.</p>
*/
@Column(columnDefinition = "TEXT") @Column(columnDefinition = "TEXT")
private String note; private String note;

1
backend/src/main/java/org/raddatz/familienarchiv/geschichte/journeyitem/JourneyItemView.java
View File

@@ -12,5 +12,6 @@ public record JourneyItemView(
@Schema(requiredMode = Schema.RequiredMode.REQUIRED) UUID id, @Schema(requiredMode = Schema.RequiredMode.REQUIRED) UUID id,
@Schema(requiredMode = Schema.RequiredMode.REQUIRED) int position, @Schema(requiredMode = Schema.RequiredMode.REQUIRED) int position,
DocumentSummary document, DocumentSummary document,
/** Plain text — not HTML-sanitized. Renderers MUST NOT use {@code @html} or equivalent unsafe output. */
String note String note
) {} ) {}