Simon/ConvertX
1
0
Fork 0
mirror of https://github.com/C4illin/ConvertX.git synced 2026-06-27 22:45:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge commit from fork

Browse Source 
Co-authored-by: Ayushi Rathore <ayushirathore@Ayushis-MacBook-Air.local>
This commit is contained in:
Emrik Östling
2026-06-21 21:04:29 +02:00
committed by GitHub
parent 0965928949
commit e125326720
4 changed files with 25 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public/script.js
View File

@@ -42,7 +42,7 @@ function handleFile(file) {
<td>${file.name}</td> <td>${file.name}</td>
<td><progress max="100" class="inline-block h-2 appearance-none overflow-hidden rounded-full border-0 bg-neutral-700 bg-none text-accent-500 accent-accent-500 [&::-moz-progress-bar]:bg-accent-500 [&::-webkit-progress-value]:rounded-full [&::-webkit-progress-value]:[background:none] [&[value]::-webkit-progress-value]:bg-accent-500 [&[value]::-webkit-progress-value]:transition-[inline-size]"></progress></td> <td><progress max="100" class="inline-block h-2 appearance-none overflow-hidden rounded-full border-0 bg-neutral-700 bg-none text-accent-500 accent-accent-500 [&::-moz-progress-bar]:bg-accent-500 [&::-webkit-progress-value]:rounded-full [&::-webkit-progress-value]:[background:none] [&[value]::-webkit-progress-value]:bg-accent-500 [&[value]::-webkit-progress-value]:transition-[inline-size]"></progress></td>
<td>${(file.size / 1024).toFixed(2)} kB</td> <td>${(file.size / 1024).toFixed(2)} kB</td>
<td><a onclick="deleteRow(this)">Remove</a></td> <td><button type="button" class="text-accent-500 hover:underline" onclick="deleteRow(this)">Remove</button></td>
`; `;
if (!fileType) { if (!fileType) {

4
src/pages/deleteJob.tsx
View File

@@ -8,7 +8,9 @@ import { Jobs } from "../db/types";
export const deleteJob = new Elysia() export const deleteJob = new Elysia()
.use(userService) .use(userService)
.get( // SECURE: Use POST instead of GET for state-changing actions to prevent CSRF.
// Browsers automatically follow GET links, which can lead to silent data deletion.
.post(
"/delete/:jobId", "/delete/:jobId",
async ({ params, redirect, user }) => { async ({ params, redirect, user }) => {
const job = db const job = db

20
src/pages/history.tsx
View File

@@ -185,15 +185,17 @@ export const history = new Elysia().use(userService).get(
> >
<EyeIcon /> <EyeIcon />
</a> </a>
<a <form action={`${WEBROOT}/delete/${job.id}`} method="POST" class="inline">
class={` <button
text-accent-500 underline type="submit"
hover:text-accent-400 class={`
`} text-accent-500 underline
href={`${WEBROOT}/delete/${job.id}`} hover:text-accent-400
> `}
<DeleteIcon /> >
</a> <DeleteIcon />
</button>
</form>
</td> </td>
</tr> </tr>
<tr id={`details-${job.id}`} class="hidden"> <tr id={`details-${job.id}`} class="hidden">

18
src/pages/results.tsx
View File

@@ -23,14 +23,16 @@ function ResultsArticle({
<div class="mb-4 flex items-center justify-between"> <div class="mb-4 flex items-center justify-between">
<h1 class="text-xl">Results</h1> <h1 class="text-xl">Results</h1>
<div class="flex flex-row gap-4"> <div class="flex flex-row gap-4">
<a <form action={`${WEBROOT}/delete/${job.id}`} method="POST">
style={files.length !== job.num_files ? "pointer-events: none;" : ""} <button
class="flex btn-secondary flex-row gap-2 text-contrast" type="submit"
href={`${WEBROOT}/delete/${job.id}`} style={files.length !== job.num_files ? "pointer-events: none;" : ""}
{...(files.length !== job.num_files ? { disabled: true, "aria-busy": "true" } : "")} class="flex btn-secondary flex-row gap-2 text-contrast"
> {...(files.length !== job.num_files ? { disabled: true, "aria-busy": "true" } : "")}
<DeleteIcon /> <p>Delete</p> >
</a> <DeleteIcon /> <p>Delete</p>
</button>
</form>
<a <a
style={files.length !== job.num_files ? "pointer-events: none;" : ""} style={files.length !== job.num_files ? "pointer-events: none;" : ""}
href={`${WEBROOT}/archive/${job.id}`} href={`${WEBROOT}/archive/${job.id}`}