search

ssbc / patchbay

An alternative Secure Scuttlebutt client interface that is fully compatible with Patchwork
http://www.scuttlebutt.nz
388 stars 78 forks source link

Render safety fix #282

Closed dangerousbeans closed 5 years ago

dangerousbeans commented 5 years ago

This message %JPZYF35kaoa2XAKjzCPy7/fQ1NyWPKDVC8pLqJ5E6Z4=.sha256

"content": {
      "type": "about",
      "description": {
        "innerHTML": "test innerHTML",
        "insert": {
          "before": "alert('test insert before')"
        },
        "type": "Node"
      },
      "about": "@TXKFQehlyoSn8UJAIVP/k2BjFINC591MlBC2e2d24mA=.ed25519"
    }

upsets this bit

const metaData = [
      name ? h('div', [ h('strong', 'Name: '), name ]) : undefined,
      description ? h('div', [ h('strong', 'Description: '), description ]) : undefined,
      image ? h('img', { src: api.blob.sync.url(image), style: { 'margin-top': '.5rem' } }) : undefined
    ]

So now there's some safety checks so I can view my profile again

dangerousbeans commented 5 years ago

...also a million merge commits for some reason

christianbundy commented 5 years ago

Nice, thanks! Hope you don't mind I cherry-picked your relevant commit, but this should now be resolved in master.