Validate theme font and background URLs at the schema layer
`ThemeFontSchema.url` and `ThemeBackgroundSchema.url` previously accepted any string, relying entirely on downstream `sanitizeUrl()` calls for protocol enforcement. Tightening the schema to `z.url()` rejects obviously malformed inputs up front and matches the approach already used for the relay list (`BlossomServersEventSchema`). `sanitizeUrl()` remains the authoritative guard for `https:` enforcement at render time.
This commit is contained in:
+5
-2
@@ -64,12 +64,15 @@ export const ThemeColorsCompatSchema = z.union([
|
||||
/** Zod schema for ThemeFont */
|
||||
export const ThemeFontSchema = z.object({
|
||||
family: z.string(),
|
||||
url: z.string().optional(),
|
||||
// Reject non-URL strings at the schema layer. Downstream consumers still
|
||||
// run the value through \`sanitizeUrl()\` to enforce \`https:\` and strip
|
||||
// \`javascript:\`/\`data:\` URIs before use — this is defense-in-depth.
|
||||
url: z.url().optional(),
|
||||
});
|
||||
|
||||
/** Zod schema for ThemeBackground */
|
||||
export const ThemeBackgroundSchema = z.object({
|
||||
url: z.string(),
|
||||
url: z.url(),
|
||||
mode: z.enum(['cover', 'tile']).optional(),
|
||||
dimensions: z.string().optional(),
|
||||
mimeType: z.string().optional(),
|
||||
|
||||
Reference in New Issue
Block a user