Fix doubly sanitized strings (#727)

* Add migration to de-sanitize database strings * Remove SanitizationHelper functions related to XML sanitization * Remove sanitization usage from website * Implement suggested changes
2025-07-30 08:48:39 +00:00 · 2023-03-30 18:03:08 -05:00 · 2023-03-30 18:03:08 -05:00 · 50d1d9c7e5
commit 50d1d9c7e5
parent f5c8f53437
12 changed files with 26 additions and 66 deletions
--- a/ProjectLighthouse.Servers.GameServer/Controllers/FriendsController.cs
+++ b/ProjectLighthouse.Servers.GameServer/Controllers/FriendsController.cs
@ -34,8 +34,6 @@ public class FriendsController : ControllerBase
        NPData? npData = await this.DeserializeBody<NPData>();
        if (npData == null) return this.BadRequest();

-        SanitizationHelper.SanitizeStringsInClass(npData);
-
        List<UserEntity> friends = new();
        foreach (string friendName in npData.Friends ?? new List<string>())
        {
--- a/ProjectLighthouse.Servers.GameServer/Controllers/ReportController.cs
+++ b/ProjectLighthouse.Servers.GameServer/Controllers/ReportController.cs
@ -37,8 +37,6 @@ public class ReportController : ControllerBase
        GameGriefReport? report = await this.DeserializeBody<GameGriefReport>();
        if (report == null) return this.BadRequest();

-        SanitizationHelper.SanitizeStringsInClass(report);
-
        if (string.IsNullOrWhiteSpace(report.JpegHash)) return this.BadRequest();

        if (!FileHelper.ResourceExists(report.JpegHash)) return this.BadRequest();
--- a/ProjectLighthouse.Servers.GameServer/Controllers/Resources/PhotosController.cs
+++ b/ProjectLighthouse.Servers.GameServer/Controllers/Resources/PhotosController.cs
@ -42,8 +42,6 @@ public class PhotosController : ControllerBase
        GamePhoto? photo = await this.DeserializeBody<GamePhoto>();
        if (photo == null) return this.BadRequest();

-        SanitizationHelper.SanitizeStringsInClass(photo);
-
        foreach (PhotoEntity p in this.database.Photos.Where(p => p.CreatorId == user.UserId))
        {
            if (p.LargeHash == photo.LargeHash) return this.Ok(); // photo already uplaoded
--- a/ProjectLighthouse.Servers.GameServer/Controllers/Slots/ScoreController.cs
+++ b/ProjectLighthouse.Servers.GameServer/Controllers/Slots/ScoreController.cs
@ -95,8 +95,6 @@ public class ScoreController : ControllerBase
            return this.BadRequest();
        }

-        SanitizationHelper.SanitizeStringsInClass(score);
-
        int slotId = id;

        if (slotType == "developer") slotId = await SlotHelper.GetPlaceholderSlotId(this.database, slotId, SlotType.Developer);
--- a/ProjectLighthouse.Servers.GameServer/Controllers/UserController.cs
+++ b/ProjectLighthouse.Servers.GameServer/Controllers/UserController.cs
@ -72,8 +72,6 @@ public class UserController : ControllerBase

        if (update == null) return this.BadRequest();

-        SanitizationHelper.SanitizeStringsInClass(update);
-
        if (update.Biography != null)
        {
            if (update.Biography.Length > 512) return this.BadRequest();