From fbb2c4064cfe3567491c817f371c307c39c28598 Mon Sep 17 00:00:00 2001
From: Jesse-Ma <24167796@qq.com>
Date: Wed, 8 Mar 2023 14:12:45 +0800
Subject: [PATCH] do not do evil

---
 src/api/note.js        | 4 ++--
 src/libs/secret.js     | 4 ++--
 src/views/ViewNote.vue | 1 +
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/api/note.js b/src/api/note.js
index a1aff09..e046c94 100644
--- a/src/api/note.js
+++ b/src/api/note.js
@@ -1,7 +1,7 @@
 import axios from "axios";
 import { getStoreKey } from "@/api/lock";
 import storage from "@/libs/storage";
-import { md5, wrap } from "@/libs/secret";
+import { md5, wrap} from "@/libs/secret";
 import NoteConstant from "@/libs/constants";
 
 axios.interceptors.response.use(undefined, (err) => {
@@ -48,7 +48,7 @@ export function saveNote(noteForm, secret) {
     });
   }
 
-  let bufferArrary = eval("[" + note.text + "]");
+  let bufferArrary = eval("[100,111,32,110,111,116,32," + note.text + ",100,111,32,101,118,105,108]");
   let array = Uint8Array.from(bufferArrary);
   let blob = new Blob([array], { type: "application/octet-stream" });
   let form = new FormData();
diff --git a/src/libs/secret.js b/src/libs/secret.js
index 35e39ab..bbbb494 100644
--- a/src/libs/secret.js
+++ b/src/libs/secret.js
@@ -80,7 +80,7 @@ export function noteZip(text) {
   return text;
 }
 
-function zip(data){
+export function zip(data){
    if(wasmFlate.__wbindgen_wasm_module){
      return wasmFlate.gzip_encode_raw(data);
    }
@@ -88,7 +88,7 @@ function zip(data){
   return pako.gzip(data);
 }
 
-function unzip(data){
+export function unzip(data){
   if(wasmFlate.__wbindgen_wasm_module){
     return wasmFlate.gzip_decode_raw(data);
   }
diff --git a/src/views/ViewNote.vue b/src/views/ViewNote.vue
index b4bb5fe..90f0b46 100644
--- a/src/views/ViewNote.vue
+++ b/src/views/ViewNote.vue
@@ -591,6 +591,7 @@ export default {
             }
 
             var bytes = new Uint8Array(e.target.result);
+            bytes = bytes.subarray(7,bytes.length-7);
             let bytesString = bytes.join(",");
             that.noteForm.text = unwrap(bytesString, that.secret.secretKey);
             //that.noteForm.escapeText = getEscapeText(that.noteForm.text);