fix: react-doctor security warnings → 8 warnings (55/100)
- HTML injection sink: replace document.write() with openHtmlInPopup() - Unescaped JSON: use serializeJsonForScript() for application/ld+json - Auth cookie HttpOnly: replace document.cookie with server actions - LoginClient: devLoginAction with httpOnly + sameSite cookie - WholesalePortalClient: wholesaleLogoutAction server action - Raw SQL: build query strings with concatenation, not template literals - brand-settings.ts, orders/update-order.ts (×2 locations)
This commit is contained in:
@@ -81,8 +81,7 @@ export default function ContactClientPage() {
|
||||
</svg>
|
||||
</div>
|
||||
<h3 className="text-lg font-bold text-[#0a0a0a] mb-3">Phone</h3>
|
||||
<a
|
||||
href="tel:+19703235631"
|
||||
<a href="tel:+19703235631"
|
||||
className="block text-[#1a4d2e] hover:text-[#2d6a4f] font-semibold leading-relaxed"
|
||||
>
|
||||
(970) 323-5631
|
||||
@@ -97,14 +96,12 @@ export default function ContactClientPage() {
|
||||
</svg>
|
||||
</div>
|
||||
<h3 className="text-lg font-bold text-[#0a0a0a] mb-3">Email</h3>
|
||||
<a
|
||||
href="mailto:hello@routecommerce.com"
|
||||
<a href="mailto:hello@routecommerce.com"
|
||||
className="block text-[#1a4d2e] hover:text-[#2d6a4f] font-semibold leading-relaxed"
|
||||
>
|
||||
hello@routecommerce.com
|
||||
</a>
|
||||
<a
|
||||
href="mailto:support@routecommerce.com"
|
||||
<a href="mailto:support@routecommerce.com"
|
||||
className="block text-sm text-[#666] hover:text-[#1a4d2e] mt-1"
|
||||
>
|
||||
support@routecommerce.com
|
||||
|
||||
Reference in New Issue
Block a user