-
+
{group.name}
-
+
{group.description}
diff --git a/apps/client/src/features/space/components/space-list.tsx b/apps/client/src/features/space/components/space-list.tsx
index b7fc3ec7..79b661ea 100644
--- a/apps/client/src/features/space/components/space-list.tsx
+++ b/apps/client/src/features/space/components/space-list.tsx
@@ -8,6 +8,7 @@ import { useTranslation } from "react-i18next";
import Paginate from "@/components/common/paginate.tsx";
import { CustomAvatar } from "@/components/ui/custom-avatar.tsx";
import { AvatarIconType } from "@/features/attachments/types/attachment.types.ts";
+import { AutoTooltipText } from "@/components/ui/auto-tooltip-text.tsx";
export default function SpaceList() {
const { t } = useTranslation();
@@ -49,9 +50,9 @@ export default function SpaceList() {
name={space.name}
/>
-
+
{space.name}
-
+
{space.description}
diff --git a/apps/client/src/features/space/components/space-members.tsx b/apps/client/src/features/space/components/space-members.tsx
index 06300293..9186daaf 100644
--- a/apps/client/src/features/space/components/space-members.tsx
+++ b/apps/client/src/features/space/components/space-members.tsx
@@ -27,6 +27,7 @@ import { useTranslation } from "react-i18next";
import Paginate from "@/components/common/paginate.tsx";
import { SearchInput } from "@/components/common/search-input.tsx";
import { usePaginateAndSearch } from "@/hooks/use-paginate-and-search.tsx";
+import { AutoTooltipText } from "@/components/ui/auto-tooltip-text.tsx";
type MemberType = "user" | "group";
@@ -138,10 +139,10 @@ export default function SpaceMembersList({
{member.type === "group" &&
}
-
-
+
+
{member?.name}
-
+
{member.type == "user" && member?.email}
diff --git a/apps/client/src/features/space/components/spaces-page/all-spaces-list.tsx b/apps/client/src/features/space/components/spaces-page/all-spaces-list.tsx
index 4106f203..acfae399 100644
--- a/apps/client/src/features/space/components/spaces-page/all-spaces-list.tsx
+++ b/apps/client/src/features/space/components/spaces-page/all-spaces-list.tsx
@@ -23,6 +23,7 @@ import SpaceSettingsModal from "@/features/space/components/settings-modal";
import classes from "./all-spaces-list.module.css";
import { CustomAvatar } from "@/components/ui/custom-avatar.tsx";
import { AvatarIconType } from "@/features/attachments/types/attachment.types.ts";
+import { AutoTooltipText } from "@/components/ui/auto-tooltip-text.tsx";
interface AllSpacesListProps {
spaces: any[];
@@ -96,10 +97,10 @@ export default function AllSpacesList({
variant="filled"
size="md"
/>
-
-
+
+
{space.name}
-
+
{space.description && (
{space.description}
diff --git a/apps/client/src/lib/get-initials-color.ts b/apps/client/src/lib/get-initials-color.ts
new file mode 100644
index 00000000..cbf90680
--- /dev/null
+++ b/apps/client/src/lib/get-initials-color.ts
@@ -0,0 +1,34 @@
+import { MantineColor } from "@mantine/core";
+
+function hashCode(input: string) {
+ let hash = 0;
+ for (let i = 0; i < input.length; i += 1) {
+ const char = input.charCodeAt(i);
+ hash = (hash << 5) - hash + char;
+ hash |= 0;
+ }
+ return hash;
+}
+
+const defaultColors: MantineColor[] = [
+ "blue",
+ "cyan",
+ "grape",
+ "green",
+ "indigo",
+ "lime",
+ "orange",
+ "pink",
+ "red",
+ "teal",
+ "violet",
+];
+
+export function getInitialsColor(
+ name: string,
+ colors: MantineColor[] = defaultColors,
+) {
+ const hash = hashCode(name);
+ const index = Math.abs(hash) % colors.length;
+ return colors[index];
+}
diff --git a/apps/server/src/common/helpers/html-escaper.ts b/apps/server/src/common/helpers/html-escaper.ts
new file mode 100644
index 00000000..66e9f6dc
--- /dev/null
+++ b/apps/server/src/common/helpers/html-escaper.ts
@@ -0,0 +1,71 @@
+// https://github.com/WebReflection/html-escaper
+/**
+ * Copyright (C) 2017-present by Andrea Giammarchi - @WebReflection
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+const { replace } = '';
+
+// escape
+const es = /&(?:amp|#38|lt|#60|gt|#62|apos|#39|quot|#34);/g;
+const ca = /[&<>'"]/g;
+
+const esca = {
+ '&': '&',
+ '<': '<',
+ '>': '>',
+ "'": ''',
+ '"': '"',
+};
+const pe = (m) => esca[m];
+
+/**
+ * Safely escape HTML entities such as `&`, `<`, `>`, `"`, and `'`.
+ * @param {string} es the input to safely escape
+ * @returns {string} the escaped input, and it **throws** an error if
+ * the input type is unexpected, except for boolean and numbers,
+ * converted as string.
+ */
+export const htmlEscape = (es) => replace.call(es, ca, pe);
+
+// unescape
+const unes = {
+ '&': '&',
+ '&': '&',
+ '<': '<',
+ '<': '<',
+ '>': '>',
+ '>': '>',
+ ''': "'",
+ ''': "'",
+ '"': '"',
+ '"': '"',
+};
+const cape = (m) => unes[m];
+
+/**
+ * Safely unescape previously escaped entities such as `&`, `<`, `>`, `"`,
+ * and `'`.
+ * @param {string} un a previously escaped string
+ * @returns {string} the unescaped input, and it **throws** an error if
+ * the input type is unexpected, except for boolean and numbers,
+ * converted as string.
+ */
+export const htmlUnescape = (un) => replace.call(un, es, cape);
diff --git a/apps/server/src/core/share/share-seo.controller.ts b/apps/server/src/core/share/share-seo.controller.ts
index ecacecf0..51967ada 100644
--- a/apps/server/src/core/share/share-seo.controller.ts
+++ b/apps/server/src/core/share/share-seo.controller.ts
@@ -7,6 +7,7 @@ import { validate as isValidUUID } from 'uuid';
import { WorkspaceRepo } from '@docmost/db/repos/workspace/workspace.repo';
import { EnvironmentService } from '../../integrations/environment/environment.service';
import { Workspace } from '@docmost/db/types/entity.types';
+import { htmlEscape } from '../../common/helpers/html-escaper';
@Controller('share')
export class ShareSeoController {
@@ -68,7 +69,7 @@ export class ShareSeoController {
return this.sendIndex(indexFilePath, res);
}
- const rawTitle = share.sharedPage.title ?? 'untitled';
+ const rawTitle = htmlEscape(share?.sharedPage.title ?? 'untitled');
const metaTitle =
rawTitle.length > 80 ? `${rawTitle.slice(0, 77)}…` : rawTitle;
diff --git a/package.json b/package.json
index bffe70ca..8ccd7926 100644
--- a/package.json
+++ b/package.json
@@ -16,11 +16,11 @@
"server:start": "nx run server:start:prod",
"email:dev": "nx run server:email:dev",
"dev": "pnpm concurrently -n \"frontend,backend\" -c \"cyan,green\" \"pnpm run client:dev\" \"pnpm run server:dev\"",
- "clean": "rm -rf apps/*/dist packages/*/dist"
+ "clean": "rm -rf apps/*/dist packages/*/dist apps/*/node_modules/.vite"
},
"dependencies": {
"@braintree/sanitize-url": "^7.1.0",
- "@casl/ability": "^6.7.5",
+ "@casl/ability": "6.8.0",
"@docmost/editor-ext": "workspace:*",
"@floating-ui/dom": "^1.7.3",
"@hocuspocus/extension-redis": "3.4.3",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index f5fa82bc..b75c4560 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -22,8 +22,8 @@ importers:
specifier: ^7.1.0
version: 7.1.0
'@casl/ability':
- specifier: ^6.7.5
- version: 6.7.5
+ specifier: 6.8.0
+ version: 6.8.0
'@docmost/editor-ext':
specifier: workspace:*
version: link:packages/editor-ext
@@ -210,7 +210,7 @@ importers:
dependencies:
'@casl/react':
specifier: ^4.0.0
- version: 4.0.0(@casl/ability@6.7.5)(react@18.3.1)
+ version: 4.0.0(@casl/ability@6.8.0)(react@18.3.1)
'@docmost/editor-ext':
specifier: workspace:*
version: link:../../packages/editor-ext
@@ -1838,8 +1838,8 @@ packages:
'@braintree/sanitize-url@7.1.1':
resolution: {integrity: sha512-i1L7noDNxtFyL5DmZafWy1wRVhGehQmzZaz1HiN5e7iylJMSZR7ekOV7NsIqa5qBldlLrsKv4HbgFUVlQrz8Mw==}
- '@casl/ability@6.7.5':
- resolution: {integrity: sha512-NaOHPi9JMn8Kesh+GRkjNKAYkl4q8qMFAlqw7w2yrE+cBQZSbV9GkBGKvgzs3CdzEc5Yl1cn3JwDxxbBN5gjog==}
+ '@casl/ability@6.8.0':
+ resolution: {integrity: sha512-Ipt4mzI4gSgnomFdaPjaLgY2MWuXqAEZLrU6qqWBB7khGiBBuuEp6ytYDnq09bRXqcjaeeHiaCvCGFbBA2SpvA==}
'@casl/react@4.0.0':
resolution: {integrity: sha512-ovmI4JfNw7TfVVV+XhAJ//gXgMEkkPJU6YBWFVFZGa8Oikdh8Qxr/sdXcqj71QWEHAGN7aSKMtBE0MZylPUVsg==}
@@ -12159,13 +12159,13 @@ snapshots:
'@braintree/sanitize-url@7.1.1': {}
- '@casl/ability@6.7.5':
+ '@casl/ability@6.8.0':
dependencies:
'@ucast/mongo2js': 1.3.4
- '@casl/react@4.0.0(@casl/ability@6.7.5)(react@18.3.1)':
+ '@casl/react@4.0.0(@casl/ability@6.8.0)(react@18.3.1)':
dependencies:
- '@casl/ability': 6.7.5
+ '@casl/ability': 6.8.0
react: 18.3.1
'@cfworker/json-schema@4.1.1': {}