jebus/enviPy-bayer
1
0
Fork 0
forked from enviPath/enviPy
Code Issues Pull Requests Actions Releases Activity
120 Commits 19 Branches 8 Tags
67b1baa5b0470e8bc8f818d8a0cd6486f8845eba
Commit Graph

5 Commits

Author SHA1 Message Date
Tobias O
21d30a923f [Refactor] Large scale formatting/linting (#193) 
All html files now prettier formatted and fixes for incompatible blocks applied

Co-authored-by: Tim Lorsbach <tim@lorsba.ch>
Reviewed-on: enviPath/enviPy#193
Co-authored-by: Tobias O <tobias.olenyi@envipath.com>
Co-committed-by: Tobias O <tobias.olenyi@envipath.com>
 2025-11-12 22:47:10 +13:00
liambrydon
34589efbde [Fix] Mitigate XSS attack vector by cleaning input before it hits our Database (#171) 
## Changes

- All text input fields are now cleaned with nh3 to remove html tags. We allow certain html tags under `settings.py/ALLOWED_HTML_TAGS` so we can easily update the tags we allow in the future.
- All names and descriptions now use the template tag `nh_safe` in all html files.
- Usernames and emails are a small exception and are not allowed any html tags

Co-authored-by: Liam Brydon <62733830+MyCreativityOutlet@users.noreply.github.com>
Co-authored-by: jebus <lorsbach@envipath.com>
Co-authored-by: Tim Lorsbach <tim@lorsba.ch>
Reviewed-on: enviPath/enviPy#171
Reviewed-by: jebus <lorsbach@envipath.com>
Co-authored-by: liambrydon <lbry121@aucklanduni.ac.nz>
Co-committed-by: liambrydon <lbry121@aucklanduni.ac.nz>
 2025-11-11 22:49:55 +13:00
jebus
02d84a9b29 Fix wrong Button Label in "Compound -> Edit" (#64) 
Co-authored-by: Tim Lorsbach <tim@lorsba.ch>
Reviewed-on: enviPath/enviPy#64
 2025-08-28 06:32:42 +12:00
jebus
df896878f1 Basic System (#31) 
Co-authored-by: Tim Lorsbach <tim@lorsba.ch>
Reviewed-on: enviPath/enviPy#31
 2025-07-23 06:47:07 +12:00
Tim Lorsbach
ded50edaa2 Current Dev State 2025-06-23 20:13:54 +02:00