(key: string)
| 853 | * @returns Sanitized key safe for filesystem use |
| 854 | */ |
| 855 | export function sanitizeFileKey(key: string): string { |
| 856 | if (!key.includes('/')) { |
| 857 | throw new Error('File key must include a context prefix (e.g., kb/, workspace/, execution/)') |
| 858 | } |
| 859 | |
| 860 | const segments = key.split('/') |
| 861 | |
| 862 | const sanitizedSegments = segments.map((segment, index) => { |
| 863 | if (segment === '..' || segment === '.') { |
| 864 | throw new Error('Path traversal detected in file key') |
| 865 | } |
| 866 | |
| 867 | if (index === segments.length - 1) { |
| 868 | return segment.replace(/[^a-zA-Z0-9.-]/g, '_') |
| 869 | } |
| 870 | return segment.replace(/[^a-zA-Z0-9-]/g, '_') |
| 871 | }) |
| 872 | |
| 873 | return sanitizedSegments.join('/') |
| 874 | } |
| 875 | |
| 876 | /** |
| 877 | * Extract clean filename from URL or path, stripping query parameters |
no test coverage detected