Add exception catch.

James Cole
2024-03-10 16:44:41 +01:00
parent 530b501fcf
commit f559ec73e0
2 changed files with 20 additions and 12 deletions


@@ -50,12 +50,12 @@ class SecureHeaders
$csp = [
"default-src 'none'",
"object-src 'none'",
sprintf("script-src 'unsafe-eval' 'strict-dynamic' 'self' 'unsafe-inline' 'nonce-%1s' %2s", $nonce, $trackingScriptSrc),
sprintf("script-src 'unsafe-eval' 'strict-dynamic' 'nonce-%1s' %2s", $nonce, $trackingScriptSrc),
"style-src 'unsafe-inline' 'self'",
"base-uri 'self'",
"font-src 'self' data:",
sprintf("connect-src 'self' %s", $trackingScriptSrc),
sprintf("img-src data: 'strict-dynamic' 'self' *.tile.openstreetmap.org %s", $trackingScriptSrc),
sprintf("img-src 'strict-dynamic' %s", $trackingScriptSrc),
"manifest-src 'self'",
];
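Review bot: `'strict-dynamic'` is only defined for script loading, so in the `img-src` entry of `$csp` it has no effect and the directive allows just whatever `$trackingScriptSrc` expands to. The page does not mark which of the two printed `img-src` lines is the new one; if it is the shorter one, same-origin images and `data:` URIs would be blocked whenever the tracking source is empty, and something like `sprintf("img-src 'self' data: %s", $trackingScriptSrc)` would state the intended allow-list explicitly. Separately, `script-src` keeps `'unsafe-eval'` on both printed lines, which leaves string-to-code evaluation permitted even with the nonce; a comment naming the dependency that requires it would help the next tightening pass. `$trackingScriptSrc` is built outside this hunk, so it is worth confirming that it can only ever hold a host source and never a `;`. The array sits in a method of `SecureHeaders` that starts and ends outside the hunk.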


@@ -31,6 +31,8 @@ use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Casts\Attribute;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Support\Facades\Log;
use Symfony\Component\ExpressionLanguage\SyntaxError;
/**
* FireflyIII\Models\RuleAction
@@ -79,13 +81,19 @@ class RuleAction extends Model
public function getValue(array $journal): string
{
if (false === config('firefly.feature_flags.expression_engine')) {
\Log::debug('Expression engine is disabled, returning action value as string.');
Log::debug('Expression engine is disabled, returning action value as string.');
return (string)$this->action_value;
}
$expr = new ActionExpression($this->action_value);
try {
$result = $expr->evaluate($journal);
\Log::debug(sprintf('Expression engine is enabled, result of expression "%s" is "%s".', $this->action_value, $result));
} catch (SyntaxError $e) {
Log::error(sprintf('Expression engine failed to evaluate expression "%s" with error "%s".', $this->action_value, $e->getMessage()));
$result = (string)$this->action_value;
}
Log::debug(sprintf('Expression engine is enabled, result of expression "%s" is "%s".', $this->action_value, $result));
return $result;
}
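Review bot: The new `catch` in `getValue()` handles only `SyntaxError`, so any other failure raised while `$expr->evaluate($journal)` runs would still propagate out of the method; `ActionExpression` is not visible here, but if it forwards evaluation-time errors from the expression engine, the clause could be widened, e.g. `} catch (SyntaxError|\RuntimeException $e) {`. On the failure path the method returns the raw expression text as the action value, and the `Log::debug` line after the `try` then reports it as the "result of expression", which makes a failed evaluation look like a successful one in the log. Consider moving that debug line into the `try` body and adding a comment such as `// fall back to the literal action value when the expression cannot be evaluated`. Both log calls write the user-authored `action_value` verbatim, so how the log channel handles embedded newlines is worth checking.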