Responsive pop-up

Secure avatar generation
2021-05-28 19:15:34 +02:00 · 2021-05-28 19:02:24 +02:00
4 changed files with 19 additions and 4 deletions
--- a/src/frontend/commons/style.css
+++ b/src/frontend/commons/style.css
@ -67,6 +67,21 @@ main.card {
    border-radius: 10px;
    font-size: 1.2em;
 }
@media (max-width: 1700px) {
    .popup {
        width: 50vw;
    }
 }
@media (max-width: 1400px) {
    .popup {
        width: 60vw;
    }
 }
@media (max-width: 1100px) {
    .popup {
        width: 70vw;
    }
 }
 .popup:last-child::after {
    content: "";
    display: block;
--- a/src/frontend/index.css
+++ b/src/frontend/index.css
@ -59,7 +59,7 @@ button:hover::after {
 }
 .popup h2.warning::before {
    content: url("/static/imgs/icons/warning/ACCENT_COLOR");
-    width: 9%;
+    width: 2em;
    display: inline-block;
    vertical-align: middle;
 }
--- a/src/frontend/index.js
+++ b/src/frontend/index.js
@ -815,7 +815,7 @@ function sendNextLargeFile(sessionId) {
 }
 function refreshAvatar(selector, sessionId) {
    let avatar = document.querySelector(selector);
-    if (typeof avatar !== "undefined") {
+    if (avatar !== null) {
        if (typeof sessionId === "undefined") {
            avatar.src = "/avatar/self?"+avatarTimestamps.get("self");
        } else {
--- a/src/main.rs
+++ b/src/main.rs
@ -370,7 +370,7 @@ fn reply_with_avatar(avatar: Option<Vec<u8>>, name: Option<&str>) -> HttpRespons
                let svg = include_str!(concat!(env!("OUT_DIR"), "/text_avatar.svg"));
                #[cfg(debug_assertions)]
                let svg = replace_fields("src/frontend/imgs/text_avatar.svg");
-                HttpResponse::Ok().content_type("image/svg+xml").body(svg.replace("LETTER", &name.chars().nth(0).unwrap().to_string()))
+                HttpResponse::Ok().content_type("image/svg+xml").body(svg.replace("LETTER", &name.chars().nth(0).unwrap_or('?').to_string()))
            }
            None => HttpResponse::InternalServerError().finish()
        }
@ -383,7 +383,7 @@ fn handle_avatar(req: HttpRequest) -> HttpResponse {
        if splits[1] == "self" {
            return reply_with_avatar(Identity::get_identity_avatar().ok(), Identity::get_identity_name().ok().as_deref());
        }
-    } else if splits.len() == 3 {
+    } else if splits.len() == 3 && is_authenticated(&req) {
        if let Ok(session_id) = splits[1].parse() {
            let global_vars = req.app_data::<Data<Arc<RwLock<GlobalVars>>>>().unwrap();
            return reply_with_avatar(global_vars.read().unwrap().session_manager.get_avatar(&session_id), Some(splits[2]));
Author	SHA1	Message	Date
Matéo Duparc	bd795ca995	Responsive pop-up	2021-05-28 19:15:34 +02:00
Matéo Duparc	0eee053b5e	Secure avatar generation	2021-05-28 19:02:24 +02:00