Input validation and error handling for secretsMode param

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This commit is contained in:
Jakub Trávník 2025-12-01 17:07:24 +01:00 committed by GitHub
parent 7f966b504b
commit eaca5abde5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -67,7 +67,13 @@ function parseExportParams(c: Context): ExportParams {
const includeIds = c.req.query("includeIds") !== "false";
const includeTimestamps = c.req.query("includeTimestamps") !== "false";
const includeRuntimeState = c.req.query("includeRuntimeState") === "true";
const secretsMode = (c.req.query("secretsMode") as SecretsMode) || "exclude";
const secretsModeRaw = c.req.query("secretsMode");
const allowedSecretsModes: SecretsMode[] = ["exclude", "encrypted", "cleartext"];
const secretsMode: SecretsMode = secretsModeRaw
? (allowedSecretsModes.includes(secretsModeRaw as SecretsMode)
? (secretsModeRaw as SecretsMode)
: (() => { throw new Error("Invalid secretsMode parameter"); })())
: "exclude";
const excludeKeys = getExcludeKeys(includeIds, includeTimestamps, includeRuntimeState);
return { includeIds, includeTimestamps, secretsMode, excludeKeys };
}