fix(security): add csrf filter + prevent xss attacks by escaping user input

- update CI4 to v4.1.9's stable production package - update php and js dependencies to latest
2026-04-14 12:07:46 +02:00 · 2022-03-04 14:33:48 +00:00 · 2022-03-04 14:33:48 +00:00 · cd2e1e1dc3
commit cd2e1e1dc3
parent a597cf4ecf
182 changed files with 4410 additions and 4214 deletions
--- a/app/Models/PodcastModel.php
+++ b/app/Models/PodcastModel.php
@ -94,7 +94,7 @@ class PodcastModel extends Model
        'language_code' => 'required',
        'category_id' => 'required',
        'owner_email' => 'required|valid_email',
-        'new_feed_url' => 'valid_url|permit_empty',
+        'new_feed_url' => 'valid_url_strict|permit_empty',
        'type' => 'required',
        'created_by' => 'required',
        'updated_by' => 'required',
@ -403,6 +403,7 @@ class PodcastModel extends Model
                    $secondsToNextUnpublishedEpisode ? $secondsToNextUnpublishedEpisode : DECADE
                );
        }
+
        return $defaultQuery;
    }

@ -504,6 +505,7 @@ class PodcastModel extends Model
                (new ActorModel())->update($podcast->actor_id, $podcastActor);
            }
        }
+
        return $data;
    }