From 521168fce8f6089443378410df5191e26ba1db2d Mon Sep 17 00:00:00 2001
From: hatimhtm <106043141+hatimhtm@users.noreply.github.com>
Date: Thu, 23 Apr 2026 19:15:51 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20[security=20fix]=20Sanitize=20ap?= =?UTF-8?q?pID=20to=20prevent=20log=20injection?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 Click2Minimize/AppDelegate.swift | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Click2Minimize/AppDelegate.swift b/Click2Minimize/AppDelegate.swift
index 55a4109..8747eb5 100644
--- a/Click2Minimize/AppDelegate.swift
+++ b/Click2Minimize/AppDelegate.swift
@@ -306,7 +306,9 @@ class AppDelegate: NSObject, NSApplicationDelegate {
 let sizeHeight = sizeDescriptor.atIndex(2)?.doubleValue ?? 0
 // Extract app ID (name)
- let appID = appIDDescriptor.stringValue ?? "Unknown"
+ let rawAppID = appIDDescriptor.stringValue ?? "Unknown"
+ // Sanitize appID to prevent Log Injection and other control-character based attacks
+ let appID = rawAppID.components(separatedBy: .controlCharacters).joined()
 let rect = NSRect(x: positionX, y: positionY, width: sizeWidth, height: sizeHeight)
 let dockItem = DockItem(rect: rect, appID: appID)
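Review bot: The filter on the added `let appID = rawAppID.components(separatedBy: .controlCharacters).joined()` line strips Cc/Cf characters but leaves U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR, which belong to `.newlines` rather than `.controlCharacters`, so a log viewer that honours them can still show a forged line break. Splitting on the union closes that gap: `let appID = rawAppID.components(separatedBy: CharacterSet.controlCharacters.union(.newlines)).joined()`. A name made up only of stripped characters now yields an empty string rather than "Unknown", so the fallback should probably be applied after filtering, e.g. `filtered.isEmpty ? "Unknown" : filtered`. Because the filtered value is also what goes into `DockItem(rect:appID:)`, any code outside this hunk that compares `appID` with the real application name would see a different string; if that matters, keep the raw value in the model and neutralise it only where it is logged. The enclosing function starts and ends outside the hunk, and the logging call itself is not visible here.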