thohlt/archtika
1
0
Fork 0
mirror of https://github.com/thiloho/archtika.git synced 2025-11-22 10:51:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Strip null values for changelog and set size limit for large content blocks

Browse Source
This commit is contained in:
thiloho
2024-10-06 02:01:15 +02:00
parent b53f4c4859
commit 1b8f093f5b
5 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
rest-api/db/migrations/20240719071602_main_tables.sql
View File

@@ -73,7 +73,7 @@ CREATE TABLE internal.header (
CREATE TABLE internal.home ( CREATE TABLE internal.home (
website_id UUID PRIMARY KEY REFERENCES internal.website (id) ON DELETE CASCADE, website_id UUID PRIMARY KEY REFERENCES internal.website (id) ON DELETE CASCADE,
main_content TEXT NOT NULL CHECK (TRIM(main_content) != ''), main_content VARCHAR(200000) NOT NULL CHECK (TRIM(main_content) != ''),
meta_description VARCHAR(250) CHECK (TRIM(meta_description) != ''), meta_description VARCHAR(250) CHECK (TRIM(meta_description) != ''),
last_modified_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(), last_modified_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(),
last_modified_by UUID REFERENCES internal.user (id) ON DELETE SET NULL last_modified_by UUID REFERENCES internal.user (id) ON DELETE SET NULL
@@ -101,7 +101,7 @@ CREATE TABLE internal.article (
meta_author VARCHAR(100) CHECK (TRIM(meta_author) != ''), meta_author VARCHAR(100) CHECK (TRIM(meta_author) != ''),
cover_image UUID REFERENCES internal.media (id) ON DELETE SET NULL, cover_image UUID REFERENCES internal.media (id) ON DELETE SET NULL,
publication_date DATE, publication_date DATE,
main_content TEXT CHECK (TRIM(main_content) != ''), main_content VARCHAR(200000) CHECK (TRIM(main_content) != ''),
category UUID REFERENCES internal.docs_category (id) ON DELETE SET NULL, category UUID REFERENCES internal.docs_category (id) ON DELETE SET NULL,
article_weight INTEGER CHECK (article_weight IS NULL OR article_weight >= 0), article_weight INTEGER CHECK (article_weight IS NULL OR article_weight >= 0),
created_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(), created_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(),
@@ -119,7 +119,7 @@ CREATE TABLE internal.footer (
CREATE TABLE internal.legal_information ( CREATE TABLE internal.legal_information (
website_id UUID PRIMARY KEY REFERENCES internal.website (id) ON DELETE CASCADE, website_id UUID PRIMARY KEY REFERENCES internal.website (id) ON DELETE CASCADE,
main_content TEXT NOT NULL CHECK (TRIM(main_content) != ''), main_content VARCHAR(200000) NOT NULL CHECK (TRIM(main_content) != ''),
created_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(), created_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(),
last_modified_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(), last_modified_at TIMESTAMPTZ NOT NULL DEFAULT CLOCK_TIMESTAMP(),
last_modified_by UUID REFERENCES internal.user (id) ON DELETE SET NULL last_modified_by UUID REFERENCES internal.user (id) ON DELETE SET NULL

1
web-app/src/lib/components/MarkdownEditor.svelte
View File

@@ -63,6 +63,7 @@
<textarea <textarea
{name} {name}
rows="20" rows="20"
maxlength="200000"
bind:value={previewContent.value} bind:value={previewContent.value}
bind:this={mainContentTextarea} bind:this={mainContentTextarea}
onscroll={updateScrollPercentage} onscroll={updateScrollPercentage}

8
web-app/src/lib/utils.ts
View File

@@ -147,7 +147,13 @@ const createMarkdownParser = (showToc = true) => {
export const md = (markdownContent: string, showToc = true) => { export const md = (markdownContent: string, showToc = true) => {
const marked = createMarkdownParser(showToc); const marked = createMarkdownParser(showToc);
const html = DOMPurify.sanitize(marked.parse(markdownContent) as string); let html = "";
try {
html = DOMPurify.sanitize(marked.parse(markdownContent, { async: false }));
} catch (_) {
html = "Failed to parse markdown";
}
return html; return html;
}; };

10
web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.server.ts
View File

@@ -29,7 +29,10 @@ export const load: PageServerLoad = async ({ parent, fetch, params, url }) => {
const constructedFetchUrl = `${baseFetchUrl}&${searchParams.toString()}&limit=20&offset=${resultOffset}`; const constructedFetchUrl = `${baseFetchUrl}&${searchParams.toString()}&limit=20&offset=${resultOffset}`;
const changeLog: (ChangeLog & { user: { username: User["username"] } })[] = ( const changeLog: (ChangeLog & { user: { username: User["username"] } })[] = (
await apiRequest(fetch, constructedFetchUrl, "GET", { returnData: true }) await apiRequest(fetch, constructedFetchUrl, "GET", {
headers: { Accept: "application/vnd.pgrst.array+json;nulls=stripped" },
returnData: true
})
).data; ).data;
const resultChangeLogData = await apiRequest(fetch, constructedFetchUrl, "HEAD", { const resultChangeLogData = await apiRequest(fetch, constructedFetchUrl, "HEAD", {
@@ -92,7 +95,10 @@ export const actions: Actions = {
fetch, fetch,
`${API_BASE_PREFIX}/change_log?id=eq.${data.get("id")}&select=old_value,new_value`, `${API_BASE_PREFIX}/change_log?id=eq.${data.get("id")}&select=old_value,new_value`,
"GET", "GET",
{ headers: { Accept: "application/vnd.pgrst.object+json" }, returnData: true } {
headers: { Accept: "application/vnd.pgrst.object+json;nulls=stripped" },
returnData: true
}
) )
).data; ).data;

6
web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
View File

@@ -155,14 +155,12 @@
{#if new_value && !old_value} {#if new_value && !old_value}
<h4>New value</h4> <h4>New value</h4>
<pre style="white-space: pre-wrap">{@html (DOMPurify.sanitize(newValue), <pre style="white-space: pre-wrap">{DOMPurify.sanitize(newValue)}</pre>
{ ALLOWED_TAGS: ["ins", "del"] })}</pre>
{/if} {/if}
{#if old_value && !new_value} {#if old_value && !new_value}
<h4>Old value</h4> <h4>Old value</h4>
<pre style="white-space: pre-wrap">{@html (DOMPurify.sanitize(oldValue), <pre style="white-space: pre-wrap">{DOMPurify.sanitize(oldValue)}</pre>
{ ALLOWED_TAGS: ["ins", "del"] })}</pre>
{/if} {/if}
</Modal> </Modal>
</td> </td>