diff --git a/charts/brokencrystals/Chart.yaml b/charts/brokencrystals/Chart.yaml index 30db216c..ab54f1b5 100644 --- a/charts/brokencrystals/Chart.yaml +++ b/charts/brokencrystals/Chart.yaml @@ -4,7 +4,7 @@ description: | Benchmark application that uses modern technologies and implements a set of common security vulnerabilities type: application -version: 0.0.60 +version: 0.0.61 keywords: - brokencrystals - brkn diff --git a/src/products/products.controller.ts b/src/products/products.controller.ts index 91ae3429..be7f1021 100644 --- a/src/products/products.controller.ts +++ b/src/products/products.controller.ts @@ -37,6 +37,15 @@ export class ProductsController { constructor(private readonly productsService: ProductsService) {} + private parseDate(dateString: string): Date { + const dateParts = dateString.split('-'); + const year = parseInt(dateParts[2], 10); + const month = parseInt(dateParts[1], 10) - 1; + const day = parseInt(dateParts[0], 10); + + return new Date(year, month, day); + } + @Get() @UseGuards(AuthGuard) @JwtType(JwtProcessorType.RSA) @@ -67,10 +76,14 @@ export class ProductsController { let df = new Date(new Date().setFullYear(new Date().getFullYear() - 1)); let dt = new Date(); if (dateFrom) { - df = new Date(`${dateFrom} 00:00:00.000Z`); + df = this.parseDate(dateFrom); } if (dateTo) { - dt = new Date(`${dateTo} 00:00:00.000Z`); + dt = this.parseDate(dateTo); + } + + if (isNaN(df.getTime()) || isNaN(dt.getTime())) { + throw new BadRequestException('Invalid date format'); } const allProducts = await this.productsService.findAll(df, dt);