Merge pull request #293 from hkalexling/rc/0.26.1

v0.26.1
Bump version to 0.26.1
2026-01-24 00:03:14 -05:00 · 2022-04-04 22:11:24 +08:00 · 2022-04-04 13:33:03 +00:00 · 2022-04-04 13:20:36 +00:00 · 2022-04-04 21:16:44 +08:00 · 2022-04-04 03:20:52 +00:00
5 changed files with 15 additions and 7 deletions
--- a/README.md
+++ b/README.md
@@ -51,7 +51,7 @@ The official docker images are available on [Dockerhub](https://hub.docker.com/r
 ### CLI

 ```
-  Mango - Manga Server and Web Reader. Version 0.26.0
+  Mango - Manga Server and Web Reader. Version 0.26.1

  Usage:

@@ -88,7 +88,7 @@ upload_path: ~/mango/uploads
 plugin_path: ~/mango/plugins
 download_timeout_seconds: 30
 library_cache_path: ~/mango/library.yml.gz
-cache_enabled: false
+cache_enabled: true
 cache_size_mbs: 50
 cache_log_enabled: true
 disable_login: false
--- a/shard.lock
+++ b/shard.lock
@@ -68,6 +68,10 @@ shards:
    git: https://github.com/luislavena/radix.git
    version: 0.4.1

+  sanitize:
+    git: https://github.com/hkalexling/sanitize.git
+    version: 0.1.0+git.commit.e09520e972d0d9b70b71bb003e6831f7c2c59dce
+
  sqlite3:
    git: https://github.com/crystal-lang/crystal-sqlite3.git
    version: 0.18.0
--- a/shard.yml
+++ b/shard.yml
@@ -1,5 +1,5 @@
 name: mango
-version: 0.26.0
+version: 0.26.1

 authors:
  - Alex Ling <hkalexling@gmail.com>
@@ -42,3 +42,5 @@ dependencies:
    branch: master
  mg:
   github: hkalexling/mg
+  sanitize:
+    github: hkalexling/sanitize
--- a/src/mango.cr
+++ b/src/mango.cr
@@ -7,7 +7,7 @@ require "option_parser"
 require "clim"
 require "tallboy"

-MANGO_VERSION = "0.26.0"
+MANGO_VERSION = "0.26.1"

 # From http://www.network-science.de/ascii/
 BANNER = %{
--- a/src/routes/admin.cr
+++ b/src/routes/admin.cr
@@ -1,3 +1,5 @@
+require "sanitize"
+
 struct AdminRouter
  def initialize
    get "/admin" do |env|
@@ -14,13 +16,13 @@ struct AdminRouter
    end

    get "/admin/user/edit" do |env|
-      username = env.params.query["username"]?
+      sanitizer = Sanitize::Policy::Text.new
+      username = env.params.query["username"]?.try { |s| sanitizer.process s }
      admin = env.params.query["admin"]?
      if admin
        admin = admin == "true"
      end
-      error = env.params.query["error"]?
-      current_user = get_username env
+      error = env.params.query["error"]?.try { |s| sanitizer.process s }
      new_user = username.nil? && admin.nil?
      layout "user-edit"
    end
Author	SHA1	Message	Date
Alex Ling	c831879c23	Merge pull request #293 from hkalexling/rc/0.26.1 v0.26.1	2022-04-04 22:11:24 +08:00
Alex Ling	171b44643c	Bump version to 0.26.1	2022-04-04 13:33:03 +00:00
Alex Ling	a353029fcd	Merge branch 'master' into dev	2022-04-04 13:20:36 +00:00
Alex Ling	75e26d8624	Merge pull request #292 from hkalexling/fix/sanitize-html Sanitize parameters on user edit page (fixes #289)	2022-04-04 21:16:44 +08:00
Alex Ling	ebe2c8efed	Sanitize parameters on user edit page (fixes #289 )	2022-04-04 03:20:52 +00:00
Alex Ling	b8ce1cc7f1	Merge pull request #286 from hkalexling/rc/0.26.0 v0.26.0	2022-04-03 18:41:14 +08:00
Alex Ling	a101526672	Merge pull request #271 from hkalexling/rc/0.25.0 v0.25.0	2022-02-12 12:55:35 +08:00
Alex Ling	eca47e3d32	Update README config example	2022-02-11 14:28:05 +00:00