BetterSEQTA/BetterSEQTA-Plus
1
0
Fork 0
mirror of https://github.com/BetterSEQTA/BetterSEQTA-Plus.git synced 2026-06-06 03:34:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

vuln-fix: removed image urls, relying on blobs now

Browse Source
This commit is contained in:
Alphons Joseph
2025-03-18 15:23:04 +08:00
parent f4ae9098d8
commit 9a71a5241a
3 changed files with 6 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/interface/pages/themeCreator.svelte
+4 -6
View File
@@ -73,10 +73,8 @@
const loadedTheme = {
...tempTheme,
CustomImages: tempTheme.CustomImages.map(image => ({
...image,
url: image.blob ? URL.createObjectURL(image.blob) : null
})),
coverImageUrl: tempTheme.coverImage ? URL.createObjectURL(tempTheme.coverImage) : undefined
...image
}))
}
if (tempTheme) {
@@ -210,7 +208,7 @@
{#each theme.CustomImages as image (image.id)}
<div class="flex gap-2 items-center px-2 py-2 mb-4 h-16 bg-white rounded-lg shadow-lg dark:bg-zinc-700">
<div class="h-full">
<img src={image.url} alt={image.variableName} class="object-contain h-full rounded-xs" />
<img src="data:image/png;base64, {image.blob}" alt={image.variableName} class="object-contain h-full rounded-xs" />
</div>
<input
type="text"
@@ -310,7 +308,7 @@
{/if}
{#if theme.coverImage}
<div class="absolute z-20 w-full h-full opacity-0 transition-opacity pointer-events-none group-hover:opacity-100 bg-black/20"></div>
<img src={theme.coverImageUrl} alt='Cover' class="object-cover absolute z-0 w-full h-full rounded-xs" />
<img src="data:image/png;base64, {theme.coverImage}" alt='Cover' class="object-cover absolute z-0 w-full h-full rounded-xs" />
{/if}
</div>
src/interface/utils/themeImageHandlers.ts
+2 -2
View File
@@ -17,7 +17,7 @@ export function handleImageUpload(event: Event, theme: LoadedCustomTheme): Promi
const variableName = `custom-image-${theme.CustomImages.length}`;
resolve({
...theme,
CustomImages: [...theme.CustomImages, { id: imageId, blob: imageBlob, variableName, url: URL.createObjectURL(imageBlob) }],
CustomImages: [...theme.CustomImages, { id: imageId, blob: imageBlob, variableName, url: null }],
});
};
reader.readAsDataURL(file);
@@ -51,7 +51,7 @@ export function handleCoverImageUpload(event: Event, theme: LoadedCustomTheme):
const reader = new FileReader();
reader.onload = async () => {
const imageBlob = await fetch(reader.result as string).then(res => res.blob());
resolve({ ...theme, coverImage: imageBlob, coverImageUrl: URL.createObjectURL(imageBlob) });
resolve({ ...theme, coverImage: imageBlob });
};
reader.readAsDataURL(file);
});