search

brave / ads-ui

Self-service ads UI
Mozilla Public License 2.0
22 stars 11 forks source link

fix: extract translations #1181

Closed tackley closed 4 months ago

tackley commented 4 months ago

Apparently if you don't do this you get junk displayed after deployment. Going forward we need to make this less error-prone. But for now just run npm run extract.

Also fix a typo that I noticed while reviewing.

Screenshot 2024-05-01 at 17 30 51
github-actions[bot] commented 4 months ago

[puLL-Merge] - brave/ads-ui@1181

Description

This PR makes changes to the user interface for the search advertising setup flow. It adds new components and sections for reviewing the advertiser profile, selected ads, landing page details, and query parameters. The motivation seems to be to provide a more guided and detailed setup process for advertisers creating search campaigns.

Changes ### Changes Translations (`src/locales/*.po`): - Adds new translations for labels and text used in the new setup flow components - Updates some existing translations that were moved to new components `src/user/views/user/search/SetupProgress.tsx`: - Adds a new `SetupProgress` component that shows the overall progress and steps in the search campaign setup flow `src/user/views/user/search/Finalize.tsx`: - Adds a new `Finalize` component for the final setup step - Includes sections to add notes for the account manager and review query string parameters that will be appended to landing page URLs for tracking - Fixes a typo in the query parameters section title `src/user/views/user/search/LandingPageDetail.tsx`: - Adds inputs for the full landing page URL and sample search queries `src/user/views/user/search/SummaryPanel.tsx`: - Renames the existing `Summary` component to `SummaryPanel` - Adds a section to display the selected ads

Security Hotspots

  1. Appending arbitrary query parameters to advertiser landing page URLs could potentially be abused if not properly validated and sanitized. The values should be strictly checked to prevent injection of malicious scripts or URLs.

  2. The notes field where advertisers can enter free text to send to the account manager should have its contents sanitized and scanned for potential spam or abusive language before storing and displaying to the recipient.

  3. Any new form inputs added, like the landing page URL, should have strict validation and error handling to prevent malformed data from being submitted.