appview/knots, appview/spindles: strip protocol and @ symbol from user inputs #748

merged

opened by

evan.jarrett.net 1 month ago targeting master from evan.jarrett.net/core: input-sanitization

Summary#

Fixes input sanitization issues in spindle/knot registration and member management forms.

Changes#

Strip http://, https://, and trailing slashes from spindle/knot instance/domain inputs
Strip leading @ symbol from member inputs (add/remove) in both spindles and knots
Update form placeholders to show foo.bsky.social instead of @foo.bsky.social

Why#

Users naturally enter protocols (https://localhost:6555) or @ symbols (@evan.jarrett.net) based on UI placeholders, but the AT Protocol identity parser rejects these. This causes confusing failures during registration and member management.

0

submitted by

evan.jarrett.net 5w 1 comment

diff

expand 1 commit

e3ad8903

appview/knots, appview/spindles: strip protocol and @ symbol from user inputs

boltless.me 1 month ago

lgtm!

pull request successfully merged

sign up or login to add to the discussion

Labels

None yet.

assignee

None yet.

Participants 2

AT URI

at://did:plc:pddp4xt5lgnv2qsegbzzs4xg/sh.tangled.repo.pull/3m4rn7q2l3z22