Invalid value separator
dominikfiala opened this issue · comments
Invalid characters used as a value separator instead of a standard comma are ignored by both validator
and schedule
.
Consider this obviously invalid CRON expression (see crontab.guru):
1;2;3 * * * *
Validation passes (which is wrong), plus the scheduler represents it as "every first minute of every hour", instead of "every first, second and third minute of every hour".
I investigated and the problem is in normalizeIntegers()
that utilizes native JS function parseInt()
(see below), which behaves in unexpected ways.
node-cron/src/convert-expression/index.js
Line 27 in 27e1140
If it is supplied with beforementioned string "1;2;3"
, it evaluates to 1
.
I prepared a fix and added tests for this behavior in a fork, will make a pull request.
My suggestion is to validate the pattern string agains characters available in a CRON syntax. My implementation allows for alphanumeric chars, dash, asterisk, forward slash, comma and space.
The suggested regex is /^[a-zA-Z0-9-*/, ]+$/
. It may not be perfect, but it passes all the tests already included in the codebase.