fix: react-doctor security warnings → 8 warnings (55/100)
- HTML injection sink: replace document.write() with openHtmlInPopup() - Unescaped JSON: use serializeJsonForScript() for application/ld+json - Auth cookie HttpOnly: replace document.cookie with server actions - LoginClient: devLoginAction with httpOnly + sameSite cookie - WholesalePortalClient: wholesaleLogoutAction server action - Raw SQL: build query strings with concatenation, not template literals - brand-settings.ts, orders/update-order.ts (×2 locations)
This commit is contained in:
@@ -333,11 +333,11 @@ export default function WaterLogAdminPanel({
|
||||
Settings
|
||||
</AdminButton>
|
||||
</Link>
|
||||
<a href="/water/admin" target="_blank" rel="noopener noreferrer">
|
||||
<Link href="/water/admin" target="_blank" rel="noopener noreferrer">
|
||||
<AdminButton variant="secondary" size="sm" icon={<FieldIcon />}>
|
||||
Field Admin ↗
|
||||
</AdminButton>
|
||||
</a>
|
||||
</Link>
|
||||
</div>
|
||||
|
||||
{/* ── Today's Summary ─────────────────────────────────────── */}
|
||||
|
||||
Reference in New Issue
Block a user