fix: sanitize saved session ids

he-yufeng · he-yufeng · commit f814bb283300 · 2026-05-12T18:53:13.000+08:00
diff --git a/README.md b/README.md
@@ -165,6 +165,8 @@ class HttpTool(Tool):
 quit             Exit
 ```
 
+Saved session IDs are sanitized before they become filenames, so resume data stays inside `~/.corecoder/sessions`.
+
 ## How It Compares
 
 |  | Claude Code | Claw-Code | Aider | CoreCoder |
diff --git a/README_CN.md b/README_CN.md
@@ -150,6 +150,8 @@ class HttpTool(Tool):
 quit             退出
 ```
 
+保存的会话 ID 会先安全化再作为文件名，恢复数据始终留在 `~/.corecoder/sessions` 目录内。
+
 ## 对比
 
 |  | Claude Code | Claw-Code | Aider | CoreCoder |
diff --git a/corecoder/session.py b/corecoder/session.py
@@ -5,19 +5,36 @@
 """
 
 import json
-import os
+import re
 import time
 from pathlib import Path
 
 SESSIONS_DIR = Path.home() / ".corecoder" / "sessions"
+_SAFE_SESSION_RE = re.compile(r"[^A-Za-z0-9._-]+")
+
+
+def _normalize_session_id(session_id: str | None) -> str:
+    if not session_id:
+        return f"session_{int(time.time())}"
+
+    name = session_id.strip().replace("\\", "/").split("/")[-1]
+    name = _SAFE_SESSION_RE.sub("-", name).strip(".-_")
+    return name or f"session_{int(time.time())}"
+
+
+def _session_path(session_id: str) -> Path:
+    path = (SESSIONS_DIR / f"{_normalize_session_id(session_id)}.json").resolve()
+    root = SESSIONS_DIR.resolve()
+    if root != path.parent:
+        raise ValueError("Invalid session id")
+    return path
 
 
 def save_session(messages: list[dict], model: str, session_id: str | None = None) -> str:
     """Save conversation to disk. Returns the session ID."""
     SESSIONS_DIR.mkdir(parents=True, exist_ok=True)
 
-    if not session_id:
-        session_id = f"session_{int(time.time())}"
+    session_id = _normalize_session_id(session_id)
 
     data = {
         "id": session_id,
@@ -26,14 +43,14 @@ def save_session(messages: list[dict], model: str, session_id: str | None = None
         "messages": messages,
     }
 
-    path = SESSIONS_DIR / f"{session_id}.json"
+    path = _session_path(session_id)
     path.write_text(json.dumps(data, ensure_ascii=False, indent=2))
     return session_id
 
 
 def load_session(session_id: str) -> tuple[list[dict], str] | None:
     """Load a saved session. Returns (messages, model) or None."""
-    path = SESSIONS_DIR / f"{session_id}.json"
+    path = _session_path(session_id)
     if not path.exists():
         return None
 
diff --git a/tests/test_core.py b/tests/test_core.py
@@ -89,6 +89,17 @@ def test_session_save_load():
     pathlib.Path.home().joinpath(".corecoder/sessions/pytest_test_session.json").unlink()
 
 
+def test_session_name_is_sanitized():
+    msgs = [{"role": "user", "content": "test message"}]
+    sid = save_session(msgs, "test-model", "../Research Notes!")
+
+    assert sid == "Research-Notes"
+    path = pathlib.Path.home().joinpath(".corecoder/sessions/Research-Notes.json")
+    assert path.exists()
+    assert load_session("../Research Notes!") is not None
+    path.unlink()
+
+
 def test_session_not_found():
     assert load_session("nonexistent_session_id") is None
 
