-
Notifications
You must be signed in to change notification settings - Fork 301
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(@toss/utils): correct hex validation to prevent unexpected color parsing #458
Conversation
👷 Deploy request for slash-libraries pending review.Visit the deploys page to approve it
|
@BO-LIKE-CHICKEN Hi! 👋 In my opinion, it becomes simpler and more readable..! The code below passes both the existing and added test code!! 💪 (+) Additionally, slash should be written in + export function isValidHexValue(hex: string) {
+ const regex = /^#?[0-9A-Fa-f]{6}$/;
+ return regex.test(hex);
+ }
export function hexToRgba(hex: string, alpha = 1) {
+ if (!isValidHexValue(hex)) {
+ throw new Error(`Invalid hex value: ${hex}`);
+ }
if (!isAlphaValue(alpha)) {
throw new Error(`Invalid alpha value(0~1): ${alpha}`);
}
const normalizedHex = hex.startsWith('#') ? hex.slice(1) : hex;
- if (normalizedHex.length !== 6) {
- throw new Error(`잘못된 normalizedHex 값의 길이입니다. 정확히 6자리여야 합니다: ${normalizedHex}`);
- }
const r = parseHexValueStr(normalizedHex.slice(0, 2));
const g = parseHexValueStr(normalizedHex.slice(2, 4));
const b = parseHexValueStr(normalizedHex.slice(4, 6));
- if ([r, g, b].some(value => Number.isNaN(value) || !isRGBDecimalValue(value))) {
- throw new Error(`잘못된 hex값 입니다: ${hex}`);
- }
return `rgba(${r},${g},${b},${alpha})`;
} |
@ssi02014 Hello! First, the content you've suggested looks entirely valid :) Initially, I added features trying not to significantly alter the existing codebase structure. However, if it's possible to make changes for better functionality, it seems appropriate to modify it as you suggested. Additionally, thank you for letting me know that I am gradually changing from using Korean in slashes to English, and that I am incrementally changing existing code written in Korean! Therefore, as you suggested, I have modified the code and further enhanced it by:
These changes will enhance the readability of the code and make it easier for developers to understand by clearly defining the cases I support. Thank you for your suggestion! |
@BO-LIKE-CHICKEN |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems more accurate. Thanks!
@raon0211 is attempting to deploy a commit to the Toss Team on Vercel. A member of the Team first needs to authorize it. |
@BO-LIKE-CHICKEN Cool! |
Overview
While working on a project that exclusively uses Hex color codes, I discovered that converting existing library variables to RGBA format does not properly handle formats like #FFFFFF80. Upon further inspection of the library, I identified several issues.
The library determines the color format based on the string's length, allowing for errors like
e3e3e33
(an accidental extra '3') to pass through tests. This could potentially lead to unintended side effects, such as:The library does not support Hex Colors with alpha values, like #FFFFFF80. This issue was not addressed in the pull request, as it seems to require a policy decision on handling alpha values in Hex colors.
The library does not support shorthand Hex Colors like #FFF. Although the existing test cases already throw errors for this format, I've only added more test cases to cover these scenarios.
Issue 1 clearly presents a problem, while the approach to addressing issues 2 and 3 is left to your discretion.
PR Checklist