tjh.dev / test
forked from tangled.org/core
Mirror of @tangled.org/core. Running on a Raspberry Pi Zero 2 (Please be gentle).
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

appview/knots, appview/spindles: strip protocol and @ symbol from user inputs

Signed-off-by: Evan Jarrett <evan@evanjarrett.com>

authored by

Evan Jarrett and committed by
Tangled 4f99f195 73964ab9

+21 -3
+9
appview/knots/knots.go
··· 6 6 "log/slog" 7 7 "net/http" 8 8 "slices" 9 + "strings" 9 10 "time" 10 11 11 12 "github.com/go-chi/chi/v5" ··· 146 145 } 147 146 148 147 domain := r.FormValue("domain") 148 + // Strip protocol, trailing slashes, and whitespace 149 + // Rkey cannot contain slashes 150 + domain = strings.TrimSpace(domain) 151 + domain = strings.TrimPrefix(domain, "https://") 152 + domain = strings.TrimPrefix(domain, "http://") 153 + domain = strings.TrimSuffix(domain, "/") 149 154 if domain == "" { 150 155 k.Pages.Notice(w, noticeId, "Incomplete form.") 151 156 return ··· 533 526 } 534 527 535 528 member := r.FormValue("member") 529 + member = strings.TrimPrefix(member, "@") 536 530 if member == "" { 537 531 l.Error("empty member") 538 532 k.Pages.Notice(w, noticeId, "Failed to add member, empty form.") ··· 634 626 } 635 627 636 628 member := r.FormValue("member") 629 + member = strings.TrimPrefix(member, "@") 637 630 if member == "" { 638 631 l.Error("empty member") 639 632 k.Pages.Notice(w, noticeId, "Failed to remove member, empty form.")
+1 -1
appview/pages/templates/knots/fragments/addMemberModal.html
··· 34 34 id="member-did-{{ .Id }}" 35 35 name="member" 36 36 required 37 - placeholder="@foo.bsky.social" 37 + placeholder="foo.bsky.social" 38 38 /> 39 39 <div class="flex gap-2 pt-2"> 40 40 <button
+1 -1
appview/pages/templates/repo/settings/access.html
··· 89 89 id="add-collaborator" 90 90 name="collaborator" 91 91 required 92 - placeholder="@foo.bsky.social" 92 + placeholder="foo.bsky.social" 93 93 /> 94 94 <div class="flex gap-2 pt-2"> 95 95 <button
+1 -1
appview/pages/templates/spindles/fragments/addMemberModal.html
··· 36 36 id="member-did-{{ .Id }}" 37 37 name="member" 38 38 required 39 - placeholder="@foo.bsky.social" 39 + placeholder="foo.bsky.social" 40 40 /> 41 41 <div class="flex gap-2 pt-2"> 42 42 <button
+9
appview/spindles/spindles.go
··· 6 6 "log/slog" 7 7 "net/http" 8 8 "slices" 9 + "strings" 9 10 "time" 10 11 11 12 "github.com/go-chi/chi/v5" ··· 147 146 } 148 147 149 148 instance := r.FormValue("instance") 149 + // Strip protocol, trailing slashes, and whitespace 150 + // Rkey cannot contain slashes 151 + instance = strings.TrimSpace(instance) 152 + instance = strings.TrimPrefix(instance, "https://") 153 + instance = strings.TrimPrefix(instance, "http://") 154 + instance = strings.TrimSuffix(instance, "/") 150 155 if instance == "" { 151 156 s.Pages.Notice(w, noticeId, "Incomplete form.") 152 157 return ··· 491 484 } 492 485 493 486 member := r.FormValue("member") 487 + member = strings.TrimPrefix(member, "@") 494 488 if member == "" { 495 489 l.Error("empty member") 496 490 s.Pages.Notice(w, noticeId, "Failed to add member, empty form.") ··· 621 613 } 622 614 623 615 member := r.FormValue("member") 616 + member = strings.TrimPrefix(member, "@") 624 617 if member == "" { 625 618 l.Error("empty member") 626 619 s.Pages.Notice(w, noticeId, "Failed to remove member, empty form.")