@@ -28,12 +28,21 @@ if (!globalThis.pdfSessions) {
2828
2929const sessions : Map < string , PDFSession > = globalThis . pdfSessions ;
3030
31+ const MAX_LOG_VALUE_LENGTH = 200 ;
32+
33+ function sanitizeForLog ( value : string ) : string {
34+ if ( ! value ) return "" ;
35+ const trimmed = value . replace ( / [ \r \n \t ] + / g, " " ) . replace ( / [ ^ \x20 - \x7E ] / g, "" ) ;
36+ return trimmed . length > MAX_LOG_VALUE_LENGTH ? `${ trimmed . slice ( 0 , MAX_LOG_VALUE_LENGTH ) } ...` : trimmed ;
37+ }
38+
3139// Clean up inactive sessions (older than 1 hour)
3240function cleanupInactiveSessions ( ) {
3341 const oneHourAgo = new Date ( Date . now ( ) - 60 * 60 * 1000 ) ;
3442 for ( const [ sessionId , session ] of Array . from ( sessions . entries ( ) ) ) {
3543 if ( session . lastActivity < oneHourAgo ) {
36- console . log ( `Cleaning up inactive session: ${ sessionId } ` ) ;
44+ const safeSessionId = sanitizeForLog ( sessionId ) ;
45+ console . log ( "Cleaning up inactive session:" , safeSessionId ) ;
3746 // Close all clients in the session
3847 session . clients . forEach ( ( client : ReadableStreamDefaultController ) => {
3948 try {
@@ -51,6 +60,8 @@ function cleanupInactiveSessions() {
5160setInterval ( cleanupInactiveSessions , 30 * 60 * 1000 ) ;
5261
5362export function getOrCreateSession ( sessionId : string , userId : string ) : PDFSession {
63+ const safeSessionId = sanitizeForLog ( sessionId ) ;
64+ const safeUserId = sanitizeForLog ( userId ) ;
5465 let session = sessions . get ( sessionId ) ;
5566
5667 if ( ! session ) {
@@ -62,7 +73,7 @@ export function getOrCreateSession(sessionId: string, userId: string): PDFSessio
6273 lastActivity : new Date ( ) ,
6374 } ;
6475 sessions . set ( sessionId , session ) ;
65- console . log ( ` Created new PDF session: ${ sessionId } for user: ${ userId } ` ) ;
76+ console . log ( " Created new PDF session" , safeSessionId , " for user" , safeUserId ) ;
6677 } else {
6778 // Verify user owns this session (allow anonymous/authenticated user mixing for development)
6879 const isUserMatch =
@@ -84,20 +95,22 @@ export function getOrCreateSession(sessionId: string, userId: string): PDFSessio
8495}
8596
8697export function addClient ( controller : ReadableStreamDefaultController , sessionId : string , userId : string ) {
87- console . log ( `Adding new PDF API client for session: ${ sessionId } , user: ${ userId } ` ) ;
98+ const safeSessionId = sanitizeForLog ( sessionId ) ;
99+ const safeUserId = sanitizeForLog ( userId ) ;
100+ console . log ( "Adding new PDF API client for session" , safeSessionId , "user" , safeUserId ) ;
88101
89102 const session = getOrCreateSession ( sessionId , userId ) ;
90103 session . clients . push ( controller ) ;
91104
92- console . log ( ` Total clients in session ${ sessionId } :` , session . clients . length ) ;
105+ console . log ( " Total clients in session" , safeSessionId , session . clients . length ) ;
93106
94107 // Send initial connection message
95108 const connectionMessage = `data: ${ JSON . stringify ( { type : "connected" , sessionId, userId } ) } \n\n` ;
96109 console . log ( "Sending connection message:" , connectionMessage ) ;
97110 controller . enqueue ( connectionMessage ) ;
98111
99112 // Send any queued commands for this session
100- console . log ( ` Sending queued commands for session ${ sessionId } :` , session . commandQueue . length ) ;
113+ console . log ( " Sending queued commands for session" , safeSessionId , session . commandQueue . length ) ;
101114 session . commandQueue . forEach ( command => {
102115 const message = `data: ${ JSON . stringify ( command ) } \n\n` ;
103116 console . log ( "Sending queued command:" , message ) ;
@@ -109,18 +122,19 @@ export function addClient(controller: ReadableStreamDefaultController, sessionId
109122}
110123
111124export function removeClient ( controller : ReadableStreamDefaultController , sessionId : string ) {
112- console . log ( `Removing PDF API client from session: ${ sessionId } ` ) ;
125+ const safeSessionId = sanitizeForLog ( sessionId ) ;
126+ console . log ( "Removing PDF API client from session" , safeSessionId ) ;
113127
114128 const session = sessions . get ( sessionId ) ;
115129 if ( ! session ) {
116- console . log ( ` Session ${ sessionId } not found` ) ;
130+ console . log ( " Session not found" , safeSessionId ) ;
117131 return ;
118132 }
119133
120134 const index = session . clients . indexOf ( controller ) ;
121135 if ( index > - 1 ) {
122136 session . clients . splice ( index , 1 ) ;
123- console . log ( ` Client removed from session ${ sessionId } . Remaining clients:` , session . clients . length ) ;
137+ console . log ( " Client removed from session" , safeSessionId , " Remaining clients:" , session . clients . length ) ;
124138
125139 // If no clients left in session, we could optionally clean it up
126140 // For now, we'll keep it for a while in case the client reconnects
@@ -131,11 +145,13 @@ export function removeClient(controller: ReadableStreamDefaultController, sessio
131145
132146// Function to broadcast commands to all connected clients in a specific session
133147export function broadcastPDFCommand ( command : PDFCommand , sessionId : string , userId : string ) {
134- console . log ( `Broadcasting PDF command to session ${ sessionId } :` , command ) ;
148+ const safeSessionId = sanitizeForLog ( sessionId ) ;
149+ const safeUserId = sanitizeForLog ( userId ) ;
150+ console . log ( "Broadcasting PDF command to session" , safeSessionId , "user" , safeUserId , command ) ;
135151
136152 const session = sessions . get ( sessionId ) ;
137153 if ( ! session ) {
138- console . log ( ` Session ${ sessionId } not found, creating new session` ) ;
154+ console . log ( " Session not found, creating new session" , safeSessionId , "user" , safeUserId ) ;
139155 getOrCreateSession ( sessionId , userId ) ;
140156 return broadcastPDFCommand ( command , sessionId , userId ) ;
141157 }
@@ -166,22 +182,22 @@ export function broadcastPDFCommand(command: PDFCommand, sessionId: string, user
166182 // Send to all connected clients in this session
167183 session . clients . forEach ( ( controller , index ) => {
168184 try {
169- console . log ( ` Sending command to client ${ index + 1 } in session ${ sessionId } :` , message ) ;
185+ console . log ( " Sending command to client" , index + 1 , " in session" , safeSessionId , message ) ;
170186 controller . enqueue ( message ) ;
171187 } catch ( error ) {
172- console . error ( ` Error sending command to client ${ index + 1 } in session ${ sessionId } :` , error ) ;
188+ console . error ( " Error sending command to client" , index + 1 , " in session" , safeSessionId , error ) ;
173189 // Remove failed client
174190 const clientIndex = session . clients . indexOf ( controller ) ;
175191 if ( clientIndex > - 1 ) {
176192 session . clients . splice ( clientIndex , 1 ) ;
177- console . log ( ` Removed failed client from session ${ sessionId } . Remaining clients: ${ session . clients . length } ` ) ;
193+ console . log ( " Removed failed client from session" , safeSessionId , " Remaining clients:" , session . clients . length ) ;
178194 }
179195 }
180196 } ) ;
181197
182198 // If no clients connected in this session, queue the command
183199 if ( session . clients . length === 0 ) {
184- console . log ( ` No clients connected in session ${ sessionId } , queueing command` ) ;
200+ console . log ( " No clients connected in session" , safeSessionId , " queueing command" ) ;
185201 session . commandQueue . push ( scopedCommand ) ;
186202 // Keep only the last 10 commands to prevent memory issues
187203 if ( session . commandQueue . length > 10 ) {
0 commit comments