escaping special chars for events (#12872)

Escaping newly discovered special chars for events - \x00 is a Unicode for nul - \x7f is a Unicode for delete Edit: i initially, just in case after looking at the logs, i removed the single quotes as well (there are fobiden in the standard RFC 5545) but after reflexion other props than icalUID rely on this sanitization so leaving as such. It should already be taken care of anyway by typeorm Ref sentry : https://twenty-v7.sentry.io/issues/6567295627/?environment=prod&environment=prod-eu&project=4507072499810304&query=&referrer=issue-stream&stream_index=13 Fixes https://github.com/twentyhq/twenty/issues/12827
2025-06-26 14:27:26 +02:00
parent 2d774767c0
commit fa09adee8e
2 changed files with 37 additions and 11 deletions
--- a/packages/twenty-server/src/modules/calendar/calendar-event-import-manager/drivers/google-calendar/utils/tests/format-google-calendar-event.util.spec.ts
+++ b/packages/twenty-server/src/modules/calendar/calendar-event-import-manager/drivers/google-calendar/utils/tests/format-google-calendar-event.util.spec.ts
@ -1,4 +1,5 @@
 import { calendar_v3 as calendarV3 } from 'googleapis';
+import { EachTestingContext } from 'twenty-shared/testing';

 import { formatGoogleCalendarEvents } from 'src/modules/calendar/calendar-event-import-manager/drivers/google-calendar/utils/format-google-calendar-event.util';
 import { CalendarEventParticipantResponseStatus } from 'src/modules/calendar/common/standard-objects/calendar-event-participant.workspace-entity';
@ -77,23 +78,48 @@ describe('formatGoogleCalendarEvents', () => {
    );
  });

-  it('should sanitize a UCALID with improper exit char 0x00', () => {
+  const testCases: EachTestingContext<{ input: string; expected: string }>[] = [
+    {
+      title: 'should sanitize a UCALID with \u0000',
+      context: {
+        input: '\u0000eventStrange@google.com',
+        expected: 'eventStrange@google.com',
+      },
+    },
+    {
+      title: 'should sanitize a UCALID with \u0000',
+      context: {
+        input: '>\u0000\u0015-;_<>^<5E>W&<26>p\u001f<31>',
+        expected: '>\u0015-;_<>^<5E>W&<26>p\u001f<31>',
+      },
+    },
+    {
+      title: 'should sanitize a UCALID with \x00',
+      context: {
+        input: '<27>\u0002<30><32>y<EFBFBD>_΢<5F>\u0013<31><33>\x00',
+        expected: '<27>\u0002<30><32>y<EFBFBD>_΢<5F>\u0013<31><33>',
+      },
+    },
+
+    {
+      title: 'should sanitize a UCALID with del',
+      context: {
+        input: 'del<65>\u0002<30><32>y<EFBFBD>_΢<5F>\u0013<33><7F>',
+        expected: 'del<65>\u0002<30><32>y<EFBFBD>_΢<5F>\u0013<31><33>',
+      },
+    },
+  ];
+
+  it.each(testCases)('$title', ({ context }) => {
    const mockGoogleEventWithImproperUcalid: calendarV3.Schema$Event = {
      ...mockGoogleEvent,
-      iCalUID: '\u0000eventStrange@google.com',
-    };
-
-    const mockGoogleEventWithImproperUcalid2: calendarV3.Schema$Event = {
-      ...mockGoogleEvent,
-      iCalUID: '>\u0000\u0015-;_<>^<5E>W&<26>p\u001f<31>',
+      iCalUID: context.input,
    };

    const result = formatGoogleCalendarEvents([
      mockGoogleEventWithImproperUcalid,
-      mockGoogleEventWithImproperUcalid2,
    ]);

-    expect(result[0].iCalUID).toBe('eventStrange@google.com');
-    expect(result[1].iCalUID).toBe('>\u0015-;_<>^<5E>W&<26>p\u001f<31>');
+    expect(result[0].iCalUID).toBe(context.expected);
  });
 });
--- a/packages/twenty-server/src/modules/calendar/calendar-event-import-manager/drivers/utils/sanitizeCalendarEvent.ts
+++ b/packages/twenty-server/src/modules/calendar/calendar-event-import-manager/drivers/utils/sanitizeCalendarEvent.ts
@ -23,5 +23,5 @@ export const sanitizeCalendarEvent = <T extends Record<string, any>>(
 };

 const sanitizeString = (value: string): string => {
-  return value.replace('\u0000', '');
+  return value.replace('\u0000', '').replace('\x00', '').replace('\x7f', '');
 };