indexeddb: Use UUIDs instead of sanitization of object store names (#38944)

Sanitization of object store names brought some problems because of replacing special characters and making it impossible to have certain object store names that are allowed by the spec. These changes make sure deterministic UUIDs are used for file paths plus object store names are inserted into SQLite without sanitization. Testing: Covered by existing tests and new unit tests were added. Fixes: #37569 --------- Signed-off-by: Rodion Borovyk <rodion.borovyk@gmail.com>
2025-09-30 08:39:16 +01:00 · 2025-08-27 13:41:19 +02:00 · 2025-08-27 13:41:19 +02:00 · 0089e652c5
commit 0089e652c5
parent 559b05c1b3
6 changed files with 119 additions and 111 deletions
--- a/components/net/indexeddb/engines/mod.rs
+++ b/components/net/indexeddb/engines/mod.rs
@ -11,41 +11,8 @@ pub use self::sqlite::SqliteEngine;

 mod sqlite;

-#[derive(Clone, Eq, Hash, PartialEq)]
-pub struct SanitizedName {
-    name: String,
-}
-
-impl SanitizedName {
-    pub fn new(name: String) -> SanitizedName {
-        let name = name.replace("https://", "");
-        let name = name.replace("http://", "");
-        // FIXME:(arihant2math) Disallowing special characters might be a big problem,
-        // but better safe than sorry. E.g. the db name '../other_origin/db',
-        // would let us access databases from another origin.
-        let name = name
-            .chars()
-            .map(|c| match c {
-                'A'..='Z' => c,
-                'a'..='z' => c,
-                '0'..='9' => c,
-                '-' => c,
-                '_' => c,
-                _ => '-',
-            })
-            .collect();
-        SanitizedName { name }
-    }
-}
-
-impl std::fmt::Display for SanitizedName {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        write!(f, "{}", self.name)
-    }
-}
-
 pub struct KvsOperation {
-    pub store_name: SanitizedName,
+    pub store_name: String,
    pub operation: AsyncOperation,
 }

@ -62,14 +29,14 @@ pub trait KvsEngine {

    fn create_store(
        &self,
-        store_name: SanitizedName,
+        store_name: &str,
        key_path: Option<KeyPath>,
        auto_increment: bool,
    ) -> Result<CreateObjectResult, Self::Error>;

-    fn delete_store(&self, store_name: SanitizedName) -> Result<(), Self::Error>;
+    fn delete_store(&self, store_name: &str) -> Result<(), Self::Error>;

-    fn close_store(&self, store_name: SanitizedName) -> Result<(), Self::Error>;
+    fn close_store(&self, store_name: &str) -> Result<(), Self::Error>;

    fn delete_database(self) -> Result<(), Self::Error>;

@ -78,22 +45,18 @@ pub trait KvsEngine {
        transaction: KvsTransaction,
    ) -> oneshot::Receiver<Option<Vec<u8>>>;

-    fn has_key_generator(&self, store_name: SanitizedName) -> bool;
-    fn key_path(&self, store_name: SanitizedName) -> Option<KeyPath>;
+    fn has_key_generator(&self, store_name: &str) -> bool;
+    fn key_path(&self, store_name: &str) -> Option<KeyPath>;

    fn create_index(
        &self,
-        store_name: SanitizedName,
+        store_name: &str,
        index_name: String,
        key_path: KeyPath,
        unique: bool,
        multi_entry: bool,
    ) -> Result<CreateObjectResult, Self::Error>;
-    fn delete_index(
-        &self,
-        store_name: SanitizedName,
-        index_name: String,
-    ) -> Result<(), Self::Error>;
+    fn delete_index(&self, store_name: &str, index_name: String) -> Result<(), Self::Error>;

    fn version(&self) -> Result<u64, Self::Error>;
    fn set_version(&self, version: u64) -> Result<(), Self::Error>;