graphite/Sharkey
1
0
Fork 0
mirror of https://git.joinsharkey.org/Sharkey/Sharkey.git synced 2024-11-26 11:33:08 +02:00
Code Issues Projects Releases Packages Wiki Activity

silence some over-eager security non-problems #407

Browse source
This commit is contained in:
dakkar 2024-02-09 13:14:05 +00:00
parent a440972e86
commit f727d836ea
7 changed files with 11 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/frontend/src/components/MkAutocomplete.vue
View file

@ -25,7 +25,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<MkCustomEmoji v-if="'isCustomEmoji' in emoji && emoji.isCustomEmoji" :name="emoji.emoji" :class="$style.emoji"/> <MkCustomEmoji v-if="'isCustomEmoji' in emoji && emoji.isCustomEmoji" :name="emoji.emoji" :class="$style.emoji"/>
<MkEmoji v-else :emoji="emoji.emoji" :class="$style.emoji"/> <MkEmoji v-else :emoji="emoji.emoji" :class="$style.emoji"/>
<!-- eslint-disable-next-line vue/no-v-html --> <!-- eslint-disable-next-line vue/no-v-html -->
<span v-if="q" :class="$style.emojiName" v-html="sanitizeHtml(emoji.name.replace(q, `<b>${q}</b>`))"></span> <span v-if="q" :class="$style.emojiName" v-html="sanitizeHtml(emoji.name.replace(q, `<b>${q}</b>`))"></span><!-- njsscan-ignore:vue_template -->
<span v-else v-text="emoji.name"></span> <span v-else v-text="emoji.name"></span>
<span v-if="emoji.aliasOf" :class="$style.emojiAlias">({{ emoji.aliasOf }})</span> <span v-if="emoji.aliasOf" :class="$style.emojiAlias">({{ emoji.aliasOf }})</span>
</li> </li>

2
packages/frontend/src/components/MkCode.core.vue
View file

@ -5,7 +5,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<!-- eslint-disable vue/no-v-html --> <!-- eslint-disable vue/no-v-html -->
<template> <template>
<div :class="[$style.codeBlockRoot, { [$style.codeEditor]: codeEditor }]" v-html="html"></div> <div :class="[$style.codeBlockRoot, { [$style.codeEditor]: codeEditor }]" v-html="html"></div><!-- njsscan-ignore:vue_template -->
</template> </template>
<script lang="ts" setup> <script lang="ts" setup>

4
packages/frontend/src/components/MkFormula.vue
View file

@ -4,8 +4,8 @@ SPDX-License-Identifier: AGPL-3.0-only
--> -->
<template> <template>
<div v-if="block" :class="$style.block" v-html="renderedFormula"></div> <div v-if="block" :class="$style.block" v-html="renderedFormula"></div><!-- njsscan-ignore:vue_template -->
<span v-else v-html="renderedFormula"></span> <span v-else v-html="renderedFormula"></span><!-- njsscan-ignore:vue_template -->
</template> </template>
<script lang="ts" setup> <script lang="ts" setup>

2
packages/frontend/src/components/MkSignupDialog.rules.vue
View file

@ -24,7 +24,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<template #suffix><i v-if="agreeServerRules" class="ph-check ph-bold ph-lg" style="color: var(--success)"></i></template> <template #suffix><i v-if="agreeServerRules" class="ph-check ph-bold ph-lg" style="color: var(--success)"></i></template>
<ol class="_gaps_s" :class="$style.rules"> <ol class="_gaps_s" :class="$style.rules">
<li v-for="item in instance.serverRules" :class="$style.rule"><div :class="$style.ruleText" v-html="sanitizeHtml(item)"></div></li> <li v-for="item in instance.serverRules" :class="$style.rule"><div :class="$style.ruleText" v-html="sanitizeHtml(item)"></div></li><!-- njsscan-ignore:vue_template -->
</ol> </ol>
<MkSwitch :modelValue="agreeServerRules" style="margin-top: 16px;" @update:modelValue="updateAgreeServerRules">{{ i18n.ts.agree }}</MkSwitch> <MkSwitch :modelValue="agreeServerRules" style="margin-top: 16px;" @update:modelValue="updateAgreeServerRules">{{ i18n.ts.agree }}</MkSwitch>

2
packages/frontend/src/components/MkVisitorDashboard.vue
View file

@ -16,7 +16,7 @@ SPDX-License-Identifier: AGPL-3.0-only
</h1> </h1>
<div :class="$style.mainAbout"> <div :class="$style.mainAbout">
<!-- eslint-disable-next-line vue/no-v-html --> <!-- eslint-disable-next-line vue/no-v-html -->
<div v-html="sanitizeHtml(meta.description) || i18n.ts.headlineMisskey"></div> <div v-html="sanitizeHtml(meta.description) || i18n.ts.headlineMisskey"></div><!-- njsscan-ignore:vue_template -->
</div> </div>
<div v-if="instance.disableRegistration" :class="$style.mainWarn"> <div v-if="instance.disableRegistration" :class="$style.mainWarn">
<MkInfo warn>{{ i18n.ts.invitationRequiredToRegister }}</MkInfo> <MkInfo warn>{{ i18n.ts.invitationRequiredToRegister }}</MkInfo>

7
packages/frontend/src/pages/about.vue
View file

@ -20,7 +20,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<MkKeyValue> <MkKeyValue>
<template #key>{{ i18n.ts.description }}</template> <template #key>{{ i18n.ts.description }}</template>
<template #value><div v-html="sanitizeHtml(instance.description)"></div></template> <template #value><div v-html="sanitizeHtml(instance.description)"></div></template><!-- njsscan-ignore:vue_template -->
</MkKeyValue> </MkKeyValue>
<FormSection> <FormSection>
@ -29,8 +29,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<template #key>Sharkey</template> <template #key>Sharkey</template>
<template #value>{{ version }}</template> <template #value>{{ version }}</template>
</MkKeyValue> </MkKeyValue>
<div v-html="i18n.tsx.poweredByMisskeyDescription({ name: instance.name ?? host })"> <div v-html="i18n.tsx.poweredByMisskeyDescription({ name: instance.name ?? host })"></div><!-- njsscan-ignore:vue_template -->
</div>
<FormLink to="/about-sharkey">{{ i18n.ts.aboutMisskey }}</FormLink> <FormLink to="/about-sharkey">{{ i18n.ts.aboutMisskey }}</FormLink>
</div> </div>
</FormSection> </FormSection>
@ -53,7 +52,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<template #label>{{ i18n.ts.serverRules }}</template> <template #label>{{ i18n.ts.serverRules }}</template>
<ol class="_gaps_s" :class="$style.rules"> <ol class="_gaps_s" :class="$style.rules">
<li v-for="item, index in instance.serverRules" :key="index" :class="$style.rule"><div :class="$style.ruleText" v-html="sanitizeHtml(item)"></div></li> <li v-for="item, index in instance.serverRules" :key="index" :class="$style.rule"><div :class="$style.ruleText" v-html="sanitizeHtml(item)"></div></li><!-- njsscan-ignore:vue_template -->
</ol> </ol>
</MkFolder> </MkFolder>
<FormLink v-if="instance.tosUrl" :to="instance.tosUrl" external>{{ i18n.ts.termsOfService }}</FormLink> <FormLink v-if="instance.tosUrl" :to="instance.tosUrl" external>{{ i18n.ts.termsOfService }}</FormLink>

4
packages/frontend/src/pages/admin/roles.editor.vue
View file

@ -32,7 +32,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<MkSelect v-model="rolePermission" :readonly="readonly"> <MkSelect v-model="rolePermission" :readonly="readonly">
<template #label><i class="ph-shield ph-bold ph-lg-lock"></i> {{ i18n.ts._role.permission }}</template> <template #label><i class="ph-shield ph-bold ph-lg-lock"></i> {{ i18n.ts._role.permission }}</template>
<template #caption><div v-html="i18n.ts._role.descriptionOfPermission.replaceAll('\n', '<br>')"></div></template> <template #caption><div v-html="i18n.ts._role.descriptionOfPermission.replaceAll('\n', '<br>')"></div></template><!-- njsscan-ignore:vue_template -->
<option value="normal">{{ i18n.ts.normalUser }}</option> <option value="normal">{{ i18n.ts.normalUser }}</option>
<option value="moderator">{{ i18n.ts.moderator }}</option> <option value="moderator">{{ i18n.ts.moderator }}</option>
<option value="administrator">{{ i18n.ts.administrator }}</option> <option value="administrator">{{ i18n.ts.administrator }}</option>
@ -40,7 +40,7 @@ SPDX-License-Identifier: AGPL-3.0-only
<MkSelect v-model="role.target" :readonly="readonly"> <MkSelect v-model="role.target" :readonly="readonly">
<template #label><i class="ph-users ph-bold ph-lg"></i> {{ i18n.ts._role.assignTarget }}</template> <template #label><i class="ph-users ph-bold ph-lg"></i> {{ i18n.ts._role.assignTarget }}</template>
<template #caption><div v-html="i18n.ts._role.descriptionOfAssignTarget.replaceAll('\n', '<br>')"></div></template> <template #caption><div v-html="i18n.ts._role.descriptionOfAssignTarget.replaceAll('\n', '<br>')"></div></template><!-- njsscan-ignore:vue_template -->
<option value="manual">{{ i18n.ts._role.manual }}</option> <option value="manual">{{ i18n.ts._role.manual }}</option>
<option value="conditional">{{ i18n.ts._role.conditional }}</option> <option value="conditional">{{ i18n.ts._role.conditional }}</option>
</MkSelect> </MkSelect>