Re: [openstreetmap/openstreetmap-website] Add social profile links (PR #5439)

Anton Khorev via rails-dev Thu, 26 Dec 2024 17:12:40 -0800

@AntonKhorev commented on this pull request.



> +#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+# Indexes
+#
+#  index_social_links_on_user_id  (user_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (user_id => users.id)
+#
+
+class SocialLink < ApplicationRecord
+  belongs_to :user
+
+  validates :url, :presence => true, :format => { :with => 
URI::DEFAULT_PARSER.make_regexp(%w[http https]), :message => 
I18n.t("profiles.edit.social_links.http_parse_error") }

This doesn't check if `url` starts with `http://`.

And if you also disable CSP:
![image](https://github.com/user-attachments/assets/52f7c65d-f423-4093-8483-63e236e0e6df)


-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/5439#pullrequestreview-2523564622
You are receiving this because you are subscribed to this thread.

Message ID: 
<openstreetmap/openstreetmap-website/pull/5439/review/2523564...@github.com>

_______________________________________________
rails-dev mailing list
rails-dev@openstreetmap.org
https://lists.openstreetmap.org/listinfo/rails-dev

Re: [openstreetmap/openstreetmap-website] Add social profile links (PR #5439)

Reply via email to