security: fix some security vulnerabilities in GGEditor

[slievrly]

Signed-off-by: slievrly slievrly@163.com

• I have registered the PR changes.

Ⅰ. Describe what this PR did

fix some security vulnerabilities in GGEditor

Ⅱ. Does this pull request fix one issue?

The original PR could not be merged due to a CLA problem with the BOT, but the content was verified, so a new PR was submitted to solve the problem.

after fix:

Ⅲ. Why don't you add test cases (unit test/integration test)?

Ⅳ. Describe how to verify it

cd saga/seata-saga-statemachine-designer
npm install
npm start

visit: http://localhost:8080/#/

import json design

{
  "nodes": [
    {
      "type": "node",
      "size": "39*39",
      "shape": "flow-circle",
      "color": "red",
      "label": "Catch",
      "stateId": "Catch1",
      "stateType": "Catch",
      "x": 592,
      "y": 590,
      "id": "e5a3adea",
      "index": 3
    },
    {
      "type": "node",
      "size": "72*72",
      "shape": "flow-circle",
      "color": "#FA8C16",
      "label": "Start",
      "stateId": "Start1",
      "stateType": "Start",
      "stateProps": {
        "StateMachine": {
          "Name": "",
          "Comment": "",
          "Version": "0.0.1"
        }
      },
      "x": 528,
      "y": 194.5,
      "id": "c52c1eb1",
      "index": 8
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-rect",
      "color": "#1890FF",
      "label": "inventory",
      "stateId": "ServiceTask1",
      "stateType": "ServiceTask",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 528,
      "y": 298,
      "id": "9dc55222",
      "index": 9
    },
    {
      "type": "node",
      "size": "80*72",
      "shape": "flow-rhombus",
      "color": "#13C2C2",
      "label": "Choice",
      "stateId": "Choice1",
      "stateType": "Choice",
      "x": 528,
      "y": 437,
      "id": "684e8401",
      "index": 10
    },
    {
      "type": "node",
      "size": "72*72",
      "shape": "flow-circle",
      "color": "red",
      "label": "Fail",
      "stateId": "Fail1",
      "stateType": "Fail",
      "stateProps": {
        "ErrorCode": "",
        "Message": ""
      },
      "x": 779,
      "y": 457,
      "id": "7e88c6b9",
      "index": 11
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-capsule",
      "color": "#722ED1",
      "label": "CompensateInventory",
      "stateId": "Compensation1",
      "stateType": "Compensation",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 264,
      "y": 297.5,
      "id": "9701c0d0",
      "index": 12
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-rect",
      "color": "#1890FF",
      "label": "Account",
      "stateId": "ServiceTask2",
      "stateType": "ServiceTask",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 530,
      "y": 561,
      "id": "2b58fc29",
      "index": 13
    },
    {
      "type": "node",
      "size": "72*72",
      "shape": "flow-circle",
      "color": "#05A465",
      "label": "Succeed",
      "stateId": "Succeed1",
      "stateType": "Succeed",
      "x": 531.5,
      "y": 671,
      "id": "819d95af",
      "index": 14
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-capsule",
      "color": "#722ED1",
      "label": "CompensateAccount",
      "stateId": "Compensation2",
      "stateType": "Compensation",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 258,
      "y": 560.5,
      "id": "508e1241",
      "index": 15
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-capsule",
      "color": "red",
      "label": "Compensation\nTrigger",
      "stateId": "CompensationTrigger1",
      "stateType": "CompensationTrigger",
      "x": 732,
      "y": 617,
      "id": "c4faa0db"
    }
  ],
  "edges": [
    {
      "source": "c52c1eb1",
      "sourceAnchor": 2,
      "target": "9dc55222",
      "targetAnchor": 0,
      "id": "aa78a5e5",
      "shape": "flow-polyline-round",
      "index": 0
    },
    {
      "source": "9dc55222",
      "sourceAnchor": 2,
      "target": "684e8401",
      "targetAnchor": 0,
      "id": "f4288b30",
      "shape": "flow-polyline-round",
      "index": 1
    },
    {
      "source": "684e8401",
      "sourceAnchor": 1,
      "target": "7e88c6b9",
      "targetAnchor": 3,
      "id": "c644bb2f",
      "shape": "flow-polyline-round",
      "stateProps": {
        "Expression": "",
        "Default": false
      },
      "index": 2
    },
    {
      "source": "9dc55222",
      "sourceAnchor": 3,
      "target": "9701c0d0",
      "targetAnchor": 1,
      "id": "c6d60337",
      "shape": "flow-polyline-round",
      "style": {
        "lineDash": "4",
        "endArrow": false
      },
      "type": "Compensation",
      "index": 4
    },
    {
      "source": "684e8401",
      "sourceAnchor": 2,
      "target": "2b58fc29",
      "targetAnchor": 0,
      "id": "edb1d7db",
      "shape": "flow-polyline-round",
      "stateProps": {
        "Expression": "",
        "Default": false
      },
      "index": 5
    },
    {
      "source": "2b58fc29",
      "sourceAnchor": 2,
      "target": "819d95af",
      "targetAnchor": 0,
      "id": "234f4656",
      "shape": "flow-polyline-round",
      "index": 6
    },
    {
      "source": "2b58fc29",
      "sourceAnchor": 3,
      "target": "508e1241",
      "targetAnchor": 1,
      "id": "b785f641",
      "shape": "flow-polyline-round",
      "style": {
        "lineDash": "4",
        "endArrow": false
      },
      "type": "Compensation",
      "index": 7
    },
    {
      "source": "e5a3adea",
      "sourceAnchor": 1,
      "target": "c4faa0db",
      "targetAnchor": 3,
      "id": "75205e32",
      "shape": "flow-polyline-round",
      "stateProps": {
        "Exceptions": [
          "java.lang.Throwable"
        ]
      }
    },
    {
      "source": "c4faa0db",
      "sourceAnchor": 1,
      "target": "7e88c6b9",
      "targetAnchor": 2,
      "id": "10d8268d",
      "shape": "flow-polyline-round"
    }
  ]
}

https://seata.io/saga_designer/index.html#/

apache/incubator-seata-website#516

Ⅴ. Special notes for reviews

[codecov-commenter]

Codecov Report

Merging #5182 (2521f69) into develop (23f16e3) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             develop    #5182   +/-   ##
==========================================
  Coverage      48.45%   48.45%           
  Complexity      4136     4136           
==========================================
  Files            743      743           
  Lines          26517    26517           
  Branches        3294     3294           
==========================================
  Hits           12848    12848           
  Misses         12271    12271           
  Partials        1398     1398