security(phase-9): complete security hardening

- Add safeJsonParse utility with schema validation - Migrate tokens to OS keyring storage - Add Ed25519 key encryption at rest - Enable WSS configuration option - Fix JSON.parse in HandParamsForm, WorkflowEditor, WorkflowList - Update test mock data to match valid status values Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-15 19:22:51 +08:00
parent e3d164e9d2
commit a6b1255dc0
10 changed files with 499 additions and 74 deletions
--- a/desktop/src/components/WorkflowList.tsx
+++ b/desktop/src/components/WorkflowList.tsx
@@ -23,6 +23,7 @@ import {
  Loader2,
  X,
 } from 'lucide-react';
+import { safeJsonParse } from '../lib/json-utils';

 // === View Toggle Types ===

@@ -44,12 +45,12 @@ function ExecuteModal({ workflow, isOpen, onClose, onExecute, isExecuting }: Exe
  const handleExecute = async () => {
    let parsedInput: Record<string, unknown> | undefined;
    if (input.trim()) {
-      try {
-        parsedInput = JSON.parse(input);
-      } catch {
-        alert('输入格式错误，请使用有效的 JSON 格式。');
+      const result = safeJsonParse<Record<string, unknown>>(input);
+      if (!result.success) {
+        alert('Input format error, please use valid JSON format.');
        return;
      }
+      parsedInput = result.data;
    }
    await onExecute(workflow.id, parsedInput);
    setInput('');