Skip to content

Commit

Permalink
Merge pull request #8 from aaronhmiller/patch_response
Browse files Browse the repository at this point in the history 
escaping HTML per OX
  • Loading branch information
@aaronhmiller
aaronhmiller authored Jan 4, 2024
2 parents 15dfb3a + 95a5700 commit 6042a36
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions app/apis.js
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
const escapeHtml = require('escape-html')
const Pool = require('pg').Pool
const pool = new Pool({
user: 'salt',
Expand Down Expand Up @@ -70,21 +71,21 @@ const updateUser = (req, res) => {
if (error) {
throw error
}
res.status(200).send(`User email updated with ID: ${id}`)
res.status(200).send(`User email updated with ID: ${escapeHtml(id)}`)
})
} else if (!email) {
pool.query('UPDATE users SET name = $1 WHERE id = $2', [name, id], (error) => {
if (error) {
throw error
}
res.status(200).send(`User name updated with ID: ${id}`)
res.status(200).send(`User name updated with ID: ${escapeHtml(id)}`)
})
} else {
pool.query('UPDATE users SET name = $1, email = $2 WHERE id = $3', [name, email, id], (error) => {
if (error) {
throw error
}
res.status(200).send(`User name and email updated with ID: ${id}`)
res.status(200).send(`User name and email updated with ID: ${escapeHtml(id)}`)
})
}
}
Expand All @@ -105,7 +106,7 @@ const deleteUser = (req, res) => {
if (error) {
throw error
}
res.status(200).send(`User deleted with ID: ${id}`)
res.status(200).send(`User deleted with ID: ${escapeHtml(id)}`)
})
}
})
Expand Down

1 comment on commit 6042a36

@vercel
Copy link

@vercel vercel bot commented on 6042a36 Jan 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

crud-app – ./

crud-app-aaronhmiller.vercel.app
crud-app-git-main-aaronhmiller.vercel.app
crud-app-seven-rho.vercel.app

Please sign in to comment.