vuln-fix: removed image urls, relying on blobs now

Alphons Joseph
2025-03-18 15:23:04 +08:00
parent f4ae9098d8
commit 9a71a5241a
3 changed files with 6 additions and 10 deletions
+4 -6
@@ -73,10 +73,8 @@
const loadedTheme = { const loadedTheme = {
...tempTheme, ...tempTheme,
CustomImages: tempTheme.CustomImages.map(image => ({ CustomImages: tempTheme.CustomImages.map(image => ({
...image, ...image
url: image.blob ? URL.createObjectURL(image.blob) : null }))
})),
coverImageUrl: tempTheme.coverImage ? URL.createObjectURL(tempTheme.coverImage) : undefined
} }
if (tempTheme) { if (tempTheme) {
@@ -210,7 +208,7 @@
{#each theme.CustomImages as image (image.id)} {#each theme.CustomImages as image (image.id)}
<div class="flex gap-2 items-center px-2 py-2 mb-4 h-16 bg-white rounded-lg shadow-lg dark:bg-zinc-700"> <div class="flex gap-2 items-center px-2 py-2 mb-4 h-16 bg-white rounded-lg shadow-lg dark:bg-zinc-700">
<div class="h-full"> <div class="h-full">
<img src={image.url} alt={image.variableName} class="object-contain h-full rounded-xs" /> <img src="data:image/png;base64, {image.blob}" alt={image.variableName} class="object-contain h-full rounded-xs" />
</div> </div>
<input <input
type="text" type="text"
@@ -310,7 +308,7 @@
{/if} {/if}
{#if theme.coverImage} {#if theme.coverImage}
<div class="absolute z-20 w-full h-full opacity-0 transition-opacity pointer-events-none group-hover:opacity-100 bg-black/20"></div> <div class="absolute z-20 w-full h-full opacity-0 transition-opacity pointer-events-none group-hover:opacity-100 bg-black/20"></div>
<img src={theme.coverImageUrl} alt='Cover' class="object-cover absolute z-0 w-full h-full rounded-xs" /> <img src="data:image/png;base64, {theme.coverImage}" alt='Cover' class="object-cover absolute z-0 w-full h-full rounded-xs" />
{/if} {/if}
</div> </div>
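Review bot: Both new `<img>` tags interpolate a `Blob` into the attribute string (`src="data:image/png;base64, {image.blob}"`, and the same with `{theme.coverImage}`), and the type file in this commit still declares those fields as `Blob`, so the rendered value would be `data:image/png;base64, [object Blob]` and the images would not display. If the aim of the fix is to stop trusting a stored `url` value, that can be kept while giving the template a usable string: either store the data URL that `FileReader.readAsDataURL` already produces at upload time, or create an object URL from the blob inside the component and revoke it on teardown. The hard-coded `image/png` and the space after `base64,` should go as well, with the media type taken from `blob.type` only after it is checked against an allow-list of image types. The script block and the markup continue outside these hunks, so this assumes nothing else converts the blob before render.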
+2 -2
@@ -17,7 +17,7 @@ export function handleImageUpload(event: Event, theme: LoadedCustomTheme): Promi
const variableName = `custom-image-${theme.CustomImages.length}`; const variableName = `custom-image-${theme.CustomImages.length}`;
resolve({ resolve({
...theme, ...theme,
CustomImages: [...theme.CustomImages, { id: imageId, blob: imageBlob, variableName, url: URL.createObjectURL(imageBlob) }], CustomImages: [...theme.CustomImages, { id: imageId, blob: imageBlob, variableName, url: null }],
}); });
}; };
reader.readAsDataURL(file); reader.readAsDataURL(file);
@@ -51,7 +51,7 @@ export function handleCoverImageUpload(event: Event, theme: LoadedCustomTheme):
const reader = new FileReader(); const reader = new FileReader();
reader.onload = async () => { reader.onload = async () => {
const imageBlob = await fetch(reader.result as string).then(res => res.blob()); const imageBlob = await fetch(reader.result as string).then(res => res.blob());
resolve({ ...theme, coverImage: imageBlob, coverImageUrl: URL.createObjectURL(imageBlob) }); resolve({ ...theme, coverImage: imageBlob });
}; };
reader.readAsDataURL(file); reader.readAsDataURL(file);
}); });
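Review bot: `url: null` is still written into the new `CustomImages` entry in `handleImageUpload`, although this commit removes `url` from `LoadedCustomTheme`; the literal should be `{ id: imageId, blob: imageBlob, variableName }` so that no stale field stays on the theme object. Neither handler shows a check on the selected file before `reader.readAsDataURL(file)`. If there is none above the hunks, reject any file whose `file.type` is not an expected image type and cap `file.size`, since the result ends up in the theme and is rendered later. Both function bodies start outside the hunks.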
-2
@@ -20,9 +20,7 @@ export type LoadedCustomTheme = CustomTheme & {
id: string; id: string;
blob: Blob; blob: Blob;
variableName: string; variableName: string;
url: string | null;
}[]; }[];
coverImageUrl?: string;
}; };
export type DownloadedTheme = CustomTheme & { export type DownloadedTheme = CustomTheme & {