verint.com/obsidian-mcp
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix: allow ampersands in filenames while blocking command injection (v1.1.2)

Browse Source 
Fixes #2 - Files with & in their names (e.g., 'Research & Development.md')
were being incorrectly sanitized, causing search and file-not-found errors.

Changes:
- Removed & from DANGEROUS_CHARS regex
- Single & is safe in quoted arguments passed to CLI
- Dangerous && patterns still blocked by COMMAND_INJECTION_PATTERNS
- Also allows (), [], {} which are safe in quoted args

Version: 1.1.2

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Peter Morton
2026-04-14 16:58:18 -05:00
parent 466587d1c5
commit 57b58a0d22
4 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
CHANGELOG.md
View File

@@ -73,6 +73,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Comprehensive input schema definitions
- Security audit of parameter handling
## [1.1.2] - 2026-04-14
### Fixed
- **Ampersand in Filenames**: Fixed issue #2 where files with `&` in their names (e.g., "Research & Development.md") were causing search and file-not-found errors
- Single ampersands are now preserved in filenames and paths
- Security maintained: Dangerous `&&` command operators are still blocked by injection pattern detection
- Also preserves parentheses `()`, brackets `[]`, and braces `{}` which are safe in quoted CLI arguments
- Affects all file operations and search tools
## [1.1.1] - 2026-04-10
### Fixed
@@ -105,6 +114,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## Version History
- **1.1.2** - Bug fix release: Ampersand support in filenames (fixes #2)
- **1.1.1** - Bug fix release: Quote escaping in note content
- **1.1.0** - Bug fix release: Square brackets preservation in note content
- **1.0.0** - Initial release with 28 MCP tools across 3 user stories
@@ -112,6 +122,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Search & Discovery (12 tools)
- Task & Property Management (8 tools)
[1.1.2]: https://github.com/yourusername/obsidian-mcp/releases/tag/v1.1.2
[1.1.1]: https://github.com/yourusername/obsidian-mcp/releases/tag/v1.1.1
[1.1.0]: https://github.com/yourusername/obsidian-mcp/releases/tag/v1.1.0
[1.0.0]: https://github.com/yourusername/obsidian-mcp/releases/tag/v1.0.0

2
manifest.json
View File

@@ -1,7 +1,7 @@
{
"manifest_version": "0.3",
"name": "obsidian-mcp",
"version": "1.1.1",
"version": "1.1.2",
"display_name": "Obsidian CLI Bundle",
"description": "MCP Bundle for Obsidian CLI - Enable AI assistants to manage Obsidian vaults through conversational interface",
"long_description": "This MCP bundle provides a comprehensive set of tools for AI assistants to interact with and manage Obsidian vaults. It includes capabilities for creating, reading, updating, and deleting notes, managing links and tags, handling tasks, and more. With this bundle, AI assistants can seamlessly integrate with Obsidian to help users organize their knowledge and workflows.",

2
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "obsidian-mcp",
"version": "1.1.1",
"version": "1.1.2",
"description": "MCP Bundle for Obsidian CLI - Enable AI assistants to manage Obsidian vaults through Model Context Protocol",
"type": "module",
"main": "dist/index.js",

13
src/validation/sanitizer.ts
View File

@@ -8,10 +8,13 @@ import { logger } from '../utils/logger.js';
/**
* Characters that should be removed or escaped for security
* Note: Square brackets [] are safe because values are quoted and passed as array args
* They're essential for Obsidian markdown (wikilinks [[link]] and tasks - [ ] Task)
* Note: Brackets [], parentheses (), and braces {} are safe because values are quoted and passed as array args
* They're essential for Obsidian markdown (wikilinks [[link]], tasks - [ ] Task, templates {{...}}, etc.)
* Note: Single & is safe in quoted args (filenames like "Research & Development.md")
* We only block: ; | ` $ < > (command separators, pipes, substitution, redirects)
* Command injection patterns (&&, ||, etc.) are handled separately
*/
const DANGEROUS_CHARS = /[;&|`$(){}<>]/g;
const DANGEROUS_CHARS = /[;|`$<>]/g;
const COMMAND_INJECTION_PATTERNS = [
/\$\(/g, // Command substitution $(...)
/`[^`]*`/g, // Command substitution `...`
@@ -69,8 +72,8 @@ export function sanitizePath(path: string): string {
sanitized = sanitized.replace(/^\/+|\/+$/g, '');
// Remove dangerous characters but allow path separators
// Note: Square brackets are safe in paths (quoted args) but removed for consistency
sanitized = sanitized.replace(/[;&|`$(){}<>]/g, '');
// Note: Brackets, parentheses, braces, and single & are safe in paths (quoted args)
sanitized = sanitized.replace(/[;|`$<>]/g, '');
return sanitized;
}