diff --git a/helpers/parse.js b/helpers/parse.js
index 24487131..c04b4671 100644
--- a/helpers/parse.js
+++ b/helpers/parse.js
@@ -19,6 +19,11 @@ export const configuredXss = new xss.FilterXSS({
 area: [...xss.whiteList.a, 'coords'],
 a: [...xss.whiteList.a, 'rel'],
 },
+ css: {
+ whiteList: {
+ 'image-rendering': /^pixelated$/,
+ },
+ },
 onIgnoreTagAttr: (tag, name, value) => {
 // Allow iframes from acceptable sources
 if (tag === 'iframe' && name === 'src') {
@@ -53,7 +58,7 @@ export const configuredXss = new xss.FilterXSS({
 return name + '="' + xss.escapeAttrValue(value) + '"'
 }
 },
- safeAttrValue(tag, name, value, _cssFilter) {
+ safeAttrValue(tag, name, value, cssFilter) {
 if (tag === 'img' && name === 'src' && !value.startsWith('data:')) {
 try {
 const url = new URL(value)
@@ -75,12 +80,17 @@ export const configuredXss = new xss.FilterXSS({
 ]
 if (!allowedHostnames.includes(url.hostname)) {
- return `https://wsrv.nl/?url=${encodeURIComponent(value)}&n=-1`
+ return xss.safeAttrValue(
+ tag,
+ name,
+ `https://wsrv.nl/?url=${encodeURIComponent(value)}&n=-1`,
+ cssFilter
+ )
 }
 } catch (err) {}
 }
- return value
+ return xss.safeAttrValue(tag, name, value, cssFilter)
 },
 })
diff --git a/layouts/default.vue b/layouts/default.vue
index 968c99bd..c48f773f 100644
--- a/layouts/default.vue
+++ b/layouts/default.vue
@@ -297,7 +297,9 @@ Terms Privacy Rules - Careers + Careers 1
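Review bot: The new `css.whiteList` in the `@@ -19,6 +19,11 @@` hunk carries no comment saying that it replaces the library's default CSS allowlist rather than extending it, so as far as I know every `style` declaration other than `image-rendering: pixelated` is dropped. A one-line comment above `css:` would make that intent explicit, for example `// style attributes: only image-rendering: pixelated survives, every other declaration is stripped`. It is also worth stating there that this filter only runs because the custom `safeAttrValue` further down forwards `cssFilter` to `xss.safeAttrValue`; a later early return in that override would skip it. The tag whitelist that decides where `style` is accepted starts outside this hunk.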
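Review bot: In the `@@ -75,12 +80,17 @@` hunk the empty `catch (err) {}` still lets any `img` `src` that `new URL(value)` cannot parse skip the `allowedHostnames` check. Such a value now reaches the final `return xss.safeAttrValue(tag, name, value, cssFilter)`, which as far as I know applies only the library's generic prefix check, with no hostname allowlist and no proxy rewrite. If relative image paths are not needed in this content, failing closed would be safer: `} catch (err) { return '' }`. If the fall-through is intended, a comment inside the `catch` saying so would help the next reader. The body of `safeAttrValue` begins in the previous hunk and the `allowedHostnames` list starts outside this one.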