admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(web): frontend quality — XSS, error states, a11y, image optimization, security headers

Browse Source 
- Whitelist OAuth error codes; never render raw URL params (XSS fix)
- Add error state UI with retry button for API failures on homepage and search
- Use <article> for property cards with ARIA labels and semantic list markup
- Replace raw <img> with Next.js <Image> across all listing/gallery/KYC pages
- Add security headers (X-Content-Type-Options, X-Frame-Options, etc.) in next.config.js
- Gate console.error behind NODE_ENV check in global error boundary
- Mapbox confirmed npm-bundled (SRI N/A)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Ho Ngoc Hai
2026-04-08 06:32:08 +07:00
parent e9889539ea
commit afa70320f5
11 changed files with 215 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/web/app/error.tsx
View File

@@ -10,7 +10,13 @@ export default function GlobalError({
reset: () => void;
}) {
useEffect(() => {
console.error('Unhandled error:', error);
// Report to error tracking service in production; log digest only
if (process.env.NODE_ENV === 'production') {
// TODO: integrate with Sentry/Datadog when available
// errorReporter.captureException(error);
} else {
console.error('Unhandled error:', error);
}
}, [error]);
return (