From 20bcd84d7eb1daa47f72eefd593e44cf7a63bbcb Mon Sep 17 00:00:00 2001
From: thiloho <123883702+thiloho@users.noreply.github.com>
Date: Sun, 23 Mar 2025 14:25:15 +0100
Subject: [PATCH 1/2] Render line breaks in change lot HTML representation
---
 .../website/[websiteId]/logs/+page.svelte | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte b/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
index db8cf9c..4176c81 100644
--- a/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
+++ b/web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
@@ -141,9 +141,13 @@ {#if form?.logId === id && form?.currentDiff} -
{@html DOMPurify.sanitize(form.currentDiff, {
- ALLOWED_TAGS: ["ins", "del"]
- })}
+ {@html DOMPurify.sanitize(
+ // .replace takes escaped text representations of line breaks and converts them to real line breaks that render correctly in HTML
+ form.currentDiff.replace(/\\r\\n|\\n|\\r/g, "\n"),
+ {
+ ALLOWED_TAGS: ["ins", "del"]
+ }
+ )}
{/if}
{/if}
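Review bot: The `\n` characters produced by the new `.replace` on line 7 only appear as line breaks if the element wrapping this `{@html}` preserves whitespace (`white-space: pre-wrap` or a `<pre>`); in normal block flow HTML collapses them to a single space, so the comment's claim that they "render correctly" depends on styling that is outside the hunk. If the wrapper is not pre-formatted, map them to `<br>` instead and widen the allow-list to `ALLOWED_TAGS: ["ins", "del", "br"]` — the replacement still runs before `DOMPurify.sanitize`, so the sanitizer remains the last step and nothing unsanitized reaches the DOM. The regex also turns a literal backslash-n in the diffed content into a newline, which is only correct if `currentDiff` is a JSON-escaped string; if so, say that in the comment, otherwise unescape once at the producer rather than with a regex here. The enclosing markup and the outer `{#if}` this sits under begin outside the hunk.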
From 3f59fd4c585cd24192406c1ddd3781ab096531ec Mon Sep 17 00:00:00 2001
From: thiloho <123883702+thiloho@users.noreply.github.com>
Date: Sun, 23 Mar 2025 14:49:13 +0100
Subject: [PATCH 2/2] Add more usernames to the blacklist
---
.../20250323134405_username_blocklist.sql | 13 +++++++++++++
1 file changed, 13 insertions(+)
create mode 100644 rest-api/db/migrations/20250323134405_username_blocklist.sql
diff --git a/rest-api/db/migrations/20250323134405_username_blocklist.sql b/rest-api/db/migrations/20250323134405_username_blocklist.sql
new file mode 100644
index 0000000..8b89932
--- /dev/null
+++ b/rest-api/db/migrations/20250323134405_username_blocklist.sql
@@ -0,0 +1,13 @@
+-- migrate:up
+ALTER TABLE internal.user
+ DROP CONSTRAINT username_not_blocked;
+
+ALTER TABLE internal.user
+ ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'preview', 'previews', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));
+
+-- migrate:down
+ALTER TABLE internal.user
+ DROP CONSTRAINT username_not_blocked;
+
+ALTER TABLE internal.user
+ ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));
\ No newline at end of file
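Review bot: `ADD CONSTRAINT username_not_blocked CHECK (...)` on line 33 validates every existing row, so the migration aborts if any account already holds one of the newly blocked names (`preview`, `previews`); either query for those rows first and decide how to rename or reclaim them, or add the constraint with `NOT VALID` and run `ALTER TABLE internal.user VALIDATE CONSTRAINT username_not_blocked;` after cleanup. The check is an exact match on `LOWER(username)`, so a value that differs only by surrounding whitespace or invisible characters (`'admin '`) passes unless the API trims and normalizes usernames before insert — worth confirming, since these names appear to be reserved because they collide with routes such as `/login` and `/preview`. The list is now duplicated between `migrate:up` and `migrate:down`, so a comment on line 28 such as `-- Keep in sync with the reserved routes in the web app; down restores the previous list exactly` would help whoever extends it next.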