fix: admin security UI

2020-05-30 16:42:48 -04:00 · 2020-05-30 16:42:48 -04:00 · 83f7c2867d
commit 83f7c2867d
parent 1f9e5b3fd0
2 changed files with 3 additions and 2 deletions
--- a/client/components/admin/admin-security.vue
+++ b/client/components/admin/admin-security.vue
@ -20,7 +20,7 @@
                v-card-info(color='red')
                  span Make sure to understand the implications before turning on / off a security feature.
                v-card-text
-                  v-switch.mt-3(
+                  v-switch(
                    inset
                    label='Block Open Redirect'
                    color='red darken-2'
@ -29,6 +29,7 @@
                    hint='Prevents user controlled URLs from directing to websites outside of your wiki. This provides Open Redirect protection.'
                    )

+                  v-divider.mt-3
                  v-switch.mt-3(
                    inset
                    label='Block IFrame Embedding'
--- a/server/middlewares/security.js
+++ b/server/middlewares/security.js
@ -39,7 +39,7 @@ module.exports = function (req, res, next) {
  // -> Prevent Open Redirect from user provided URL
  if (WIKI.config.security.securityOpenRedirect) {
    // Strips out all repeating / character in the provided URL
-    req.url = req.url.replace(/(\/)(?=\/*\1)/g, "")
+    req.url = req.url.replace(/(\/)(?=\/*\1)/g, '')
  }

  return next()