Commented out insecure parts of the code until secured/removed

jgraph · May 18, 2022 · daa4eb7 · daa4eb7
1 parent 5cf8fdc
commit daa4eb7
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/export.js b/export.js
@@ -4,7 +4,7 @@ const winston = require('winston');
 const compression = require('compression');
 const puppeteer = require('puppeteer');
 const zlib = require('zlib');
-const fetch = (...args) => import('node-fetch').then(({default: fetch}) => fetch(...args));
+//const fetch = (...args) => import('node-fetch').then(({default: fetch}) => fetch(...args));
 const crc = require('crc');
 const PDFDocument = require('pdf-lib').PDFDocument;
 const fs = require("fs").promises;
@@ -353,7 +353,8 @@ else
 			Object.assign(req.body, req.params, req.query);
 
 			// Checks for HTML export request
-			if (req.body.html)
+			// Removed until we secure it
+			/*if (req.body.html)
 			{
 				var html = req.body.html;
 
@@ -412,18 +413,20 @@ else
 					throw e;
 				}
 			}
-			else
+			else*/
 			{	
 				var xml;
-				if (req.body.url)
+
+				// Removed until we secure it. Remember to add back the fetch import
+				/*if (req.body.url)
 				{
 					var urlRes = await fetch(req.body.url);
 					xml = await urlRes.text();
 					
 					if (req.body.format == null)
 						req.body.format = 'png';
 				}
-				else if (req.body.xmldata)
+				else*/ if (req.body.xmldata)
 				{
 					try
 					{