Merge commit from fork

* Security: prevent XSS with storage path template rendering * Security: prevent XSS svg uploads * Security: force attachment disposition for logo * Add suggestions from code review * Improve SVG validation with allowlist for tags and attributes
2025-12-08 15:55:31 +01:00 · 2025-08-16 07:34:00 -07:00 · 2025-08-16 07:34:00 -07:00 · b1c406680f
commit b1c406680f
parent 42bdbc1b2d
9 changed files with 179 additions and 10 deletions
--- a/src-ui/src/app/components/manage/management-list/management-list.component.html
+++ b/src-ui/src/app/components/manage/management-list/management-list.component.html
@ -68,6 +68,8 @@
            <td scope="row" [ngClass]="{ 'd-none d-sm-table-cell' : column.hideOnMobile }">
              @if (column.rendersHtml) {
                <div [innerHtml]="column.valueFn.call(null, object) | safeHtml"></div>
+              } @else if (column.monospace) {
+                <span class="font-monospace">{{ column.valueFn.call(null, object) }}</span>
              } @else {
                {{ column.valueFn.call(null, object) }}
              }