Nurfog/openccb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update dependencies and improve MermaidBlock security

Browse Source 
- Updated mermaid from version 11.13.0 to 9.1.7 for compatibility.
- Upgraded next from version 14.2.21 to ^14.2.35 for the latest features and fixes.
- Added @types/dompurify and isomorphic-dompurify for improved sanitization.
- Replaced innerHTML assignment in MermaidBlock with sanitized SVG using DOMPurify.
- Updated eslint-config-next to ^16.2.4 for better linting support.
This commit is contained in:
Juan Enrique Allende Cifuentes
2026-04-28 15:15:16 -04:00
parent 567fa66428
commit 2c8bfaa20e
39 changed files with 3701 additions and 2866 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nginx/learning.conf
+7
View File
@@ -10,6 +10,10 @@ add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https:; media-src 'self' blob: https:; object-src 'none'; frame-ancestors 'self';" always;
location /lms-api/ {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
rewrite ^/lms-api/(.*)$ /$1 break;
proxy_pass http://openccb-experience:3002;
proxy_set_header Host $host;
@@ -47,6 +51,9 @@ location /cms-api/ {
add_header Vary "Origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
rewrite ^/cms-api/(.*)$ /$1 break;
proxy_pass http://openccb-studio:3001;
nginx/studio.conf
+39
View File
@@ -62,6 +62,9 @@ location /cms-api/ {
add_header Vary "Origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
rewrite ^/cms-api/(.*)$ /$1 break;
proxy_pass http://openccb-studio:3001;
@@ -79,6 +82,10 @@ location /cms-api/ {
}
location /lms-api/ {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
rewrite ^/lms-api/(.*)$ /$1 break;
proxy_pass http://openccb-experience:3002;
proxy_set_header Host $host;
@@ -108,6 +115,10 @@ location = /auth/login {
return 418;
}
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -123,6 +134,10 @@ location = /auth/register {
return 418;
}
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -143,6 +158,10 @@ location = /auth/callback {
}
location = /auth/me {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -153,6 +172,10 @@ location = /auth/me {
}
location /auth/sso/ {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -163,6 +186,10 @@ location /auth/sso/ {
}
location /auth/ {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -173,6 +200,10 @@ location /auth/ {
}
location = /organization {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -183,6 +214,10 @@ location = /organization {
}
location /organization/ {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -193,6 +228,10 @@ location /organization/ {
}
location = /branding {
add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
proxy_pass http://openccb-studio:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;