diff --git a/rest-api/db/migrations/20250323134405_username_blocklist.sql b/rest-api/db/migrations/20250323134405_username_blocklist.sql
new file mode 100644
index 0000000..8b89932
--- /dev/null
+++ b/rest-api/db/migrations/20250323134405_username_blocklist.sql
@@ -0,0 +1,13 @@
+-- migrate:up
+ALTER TABLE internal.user
+ DROP CONSTRAINT username_not_blocked;
+
+ALTER TABLE internal.user
+ ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'preview', 'previews', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));
+
+-- migrate:down
+ALTER TABLE internal.user
+ DROP CONSTRAINT username_not_blocked;
+
+ALTER TABLE internal.user
+ ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));
\ No newline at end of file
diff --git a/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte b/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
index db8cf9c..4176c81 100644
--- a/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
+++ b/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
@@ -141,9 +141,13 @@
 {#if form?.logId === id && form?.currentDiff}
-
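Review bot: The `ADD CONSTRAINT` in `migrate:up` validates every existing row, so the migration fails if any `internal.user` row already holds `preview` or `previews`, and if the migration runner does not wrap the file in a transaction the preceding `DROP CONSTRAINT` has by then already removed the old blocklist entirely; check for such rows before deploying, and `DROP CONSTRAINT IF EXISTS username_not_blocked;` would make a rerun after a partial failure idempotent. The check only compares `LOWER(username)` against exact literals; whether usernames are trimmed and restricted to an ASCII character set before reaching this table is not visible here, so if the API does not normalize them a value with surrounding whitespace or a non-ASCII lookalike passes the constraint — a comment above it naming where that normalization lives, e.g. `-- reserved names (appear to collide with route segments); username is normalized by the API before insert (confirm)`, would make the assumption explicit. The `migrate:down` copy of the list correctly omits the two new entries, but keeping two hand-maintained copies in sync per migration is the ongoing risk; a `reserved_username` table enforced by a trigger would centralize the list, since a `CHECK` cannot reference another table.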
{@html DOMPurify.sanitize(form.currentDiff, {
-                          ALLOWED_TAGS: ["ins", "del"]
-                        })}
+
{@html DOMPurify.sanitize(
+                          // .replace takes escaped text representations of line breaks and converts them to real line breaks that render correctly in HTML
+                          form.currentDiff.replace(/\\r\\n|\\n|\\r/g, "\n"),
+                          {
+                            ALLOWED_TAGS: ["ins", "del"]
+                          }
+                        )}
{/if} {/if}
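Review bot: The replacement on the new line `form.currentDiff.replace(/\\r\\n|\\n|\\r/g, "\n")` produces bare newline characters, which HTML collapses to whitespace unless the enclosing element has `white-space: pre-wrap` (or is a `<pre>`); that container is outside this hunk, so confirm the style is applied, otherwise the comment's "render correctly in HTML" claim does not hold and the text will still appear on one line. The transform is correctly placed before `DOMPurify.sanitize` rather than on its output; a short comment would protect that ordering against future edits, e.g. `// any string transform must happen before sanitize: the sanitized result goes into {@html} untouched`. Since the diff markup only needs `ins`/`del` tags, adding `ALLOWED_ATTR: []` next to `ALLOWED_TAGS` would drop the attributes DOMPurify permits by default on those elements, which this view does not use. The `{#if}` block around the expression is only partly visible in the hunk.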