chore(lint): avoid control regex in download sanitizer

2026-05-30 17:26:53 +00:00 · 2026-02-14 13:12:17 +01:00
parent eec5dd898e
commit 8779ad7f98
1 changed files with 9 additions and 1 deletions
--- a/src/browser/pw-tools-core.downloads.ts
+++ b/src/browser/pw-tools-core.downloads.ts
@@ -28,7 +28,15 @@ function sanitizeDownloadFileName(fileName: string): string {
  // path separators/traversal can't escape the downloads dir on any platform.
  let base = path.posix.basename(trimmed);
  base = path.win32.basename(base);
-  base = base.replace(/[\u0000-\u001f\u007f]/g, "").trim();
+  let cleaned = "";
+  for (let i = 0; i < base.length; i++) {
+    const code = base.charCodeAt(i);
+    if (code < 0x20 || code === 0x7f) {
+      continue;
+    }
+    cleaned += base[i];
+  }
+  base = cleaned.trim();

  if (!base || base === "." || base === "..") {
    return "download.bin";