thohlt/archtika
1
0
Fork 0
mirror of https://github.com/thiloho/archtika.git synced 2025-11-22 02:41:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #31 from archtika/devel

Browse Source 
Render line breaks in change log and add more usernames to the blacklist
This commit is contained in:
Thilo Hohlt
2025-03-23 15:43:24 +01:00
committed by GitHub
parent 09f1b1c533 3f59fd4c58
commit d8b471764c
2 changed files with 20 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
rest-api/db/migrations/20250323134405_username_blocklist.sql Normal file
View File

@@ -0,0 +1,13 @@
-- migrate:up
ALTER TABLE internal.user
DROP CONSTRAINT username_not_blocked;
ALTER TABLE internal.user
ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'preview', 'previews', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));
-- migrate:down
ALTER TABLE internal.user
DROP CONSTRAINT username_not_blocked;
ALTER TABLE internal.user
ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));

8
web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
View File

@@ -141,9 +141,13 @@
<button type="submit">Compute diff</button>
</form>
{#if form?.logId === id && form?.currentDiff}
<pre>{@html DOMPurify.sanitize(form.currentDiff, {
<pre>{@html DOMPurify.sanitize(
// .replace takes escaped text representations of line breaks and converts them to real line breaks that render correctly in HTML
form.currentDiff.replace(/\\r\\n|\\n|\\r/g, "\n"),
{
ALLOWED_TAGS: ["ins", "del"]
})}</pre>
}
)}</pre>
{/if}
{/if}