a8d6da167c
Four small follow-ups from the second-pass audit:
- N1: `manga_upload_rolls_back_when_cover_storage_fails` covers the
manga-side of the transactional rollback path. The chapter case had
a `FailingStorage` regression test already; this completes the
symmetric pair. With fail-on-put-index=0, the cover put fails on
the first call, the transaction aborts, and `SELECT count(*) FROM
mangas WHERE title = 'Berserk'` is 0.
- N2: The SvelteKit proxy now catches network-layer failures from the
upstream `fetch` (DNS / connection refused / TLS handshake) and
returns a 502 with the standard error envelope
(`code: 'upstream_unavailable'`) instead of letting SvelteKit's
generic 500 HTML page through. `client.ts` can `.json()` the result
cleanly so callers see a real ApiError with a meaningful code. The
underlying cause is logged via `console.error` for the operator.
Test in hooks.server.test.ts asserts the 502, the JSON envelope, and
that `resolve` is not called (the proxy short-circuits).
- N3: `GET /api/v1/files/*key` now sets
`X-Content-Type-Options: nosniff`. The upload-time magic-byte sniff
is authoritative for what we declare as Content-Type; `nosniff`
makes the contract explicit so older user-agents can't try to
re-detect HTML/JS in a polyglot file that survived the sniff. Test
in api_uploads.rs asserts the header.
- N4: The /bookmarks page used `{#if b.page}` to gate the "— page N"
display, which falsy-elided a legitimate `page == 0`. Backend now
rejects `page < 1` for new bookmarks (already shipped in 0.9.4),
but any pre-0.9.4 row with page=0 still rendered without its
number. Strengthened to `{#if b.page != null && b.page > 0}`.
Lockstep version bump to 0.10.1.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
56 lines
1.7 KiB
Svelte
56 lines
1.7 KiB
Svelte
<script lang="ts">
|
|
let { data } = $props();
|
|
const authenticated = $derived(data.authenticated);
|
|
const bookmarks = $derived(data.bookmarks);
|
|
</script>
|
|
|
|
<svelte:head>
|
|
<title>Bookmarks — Mangalord</title>
|
|
</svelte:head>
|
|
|
|
<h1>Bookmarks</h1>
|
|
|
|
{#if !authenticated}
|
|
<p data-testid="bookmarks-signin">
|
|
<a href="/login">Sign in</a> to see your bookmarks.
|
|
</p>
|
|
{:else if bookmarks.length === 0}
|
|
<p data-testid="bookmarks-empty">No bookmarks yet.</p>
|
|
{:else}
|
|
<ul class="bookmark-list" data-testid="bookmark-list">
|
|
{#each bookmarks as b (b.id)}
|
|
<li>
|
|
{#if b.chapter_id && b.chapter_number != null}
|
|
<a href="/manga/{b.manga_id}/chapter/{b.chapter_number}">
|
|
Chapter {b.chapter_number}
|
|
{#if b.page != null && b.page > 0}— page {b.page}{/if}
|
|
</a>
|
|
{:else if b.chapter_id}
|
|
<!-- Chapter bookmark whose chapter was deleted; fall
|
|
back to the manga overview rather than emit a
|
|
broken link to a number we don't have. -->
|
|
<a href="/manga/{b.manga_id}">Chapter bookmark (chapter removed)</a>
|
|
{:else}
|
|
<a href="/manga/{b.manga_id}">Manga bookmark</a>
|
|
{/if}
|
|
<span class="created">{new Date(b.created_at).toLocaleDateString()}</span>
|
|
</li>
|
|
{/each}
|
|
</ul>
|
|
{/if}
|
|
|
|
<style>
|
|
.bookmark-list {
|
|
list-style: none;
|
|
padding: 0;
|
|
}
|
|
.bookmark-list li {
|
|
padding: 0.5rem 0;
|
|
border-bottom: 1px solid #eee;
|
|
}
|
|
.created {
|
|
color: #888;
|
|
margin-left: 0.5rem;
|
|
}
|
|
</style>
|