feat: implement stage 2 of Milkdown integration (secure upload & xss guard)
This commit is contained in:
@@ -0,0 +1,12 @@
|
||||
namespace NexusReader.Application.Abstractions.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Service for sanitizing raw input text (e.g. Markdown/HTML) to protect against XSS injection.
|
||||
/// </summary>
|
||||
public interface ISanitizerService
|
||||
{
|
||||
/// <summary>
|
||||
/// Sanitizes the input string and returns a clean, safe version.
|
||||
/// </summary>
|
||||
string Sanitize(string input);
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
namespace NexusReader.Application.Abstractions.Services;
|
||||
|
||||
/// <summary>
|
||||
/// General file storage service interface for handling media uploads.
|
||||
/// </summary>
|
||||
public interface IStorageService
|
||||
{
|
||||
/// <summary>
|
||||
/// Uploads a file stream and returns its public URL/path.
|
||||
/// </summary>
|
||||
Task<string> UploadFileAsync(Stream fileStream, string fileName, string contentType);
|
||||
|
||||
/// <summary>
|
||||
/// Uploads file bytes and returns its public URL/path.
|
||||
/// </summary>
|
||||
Task<string> UploadFileAsync(byte[] fileBytes, string fileName, string contentType);
|
||||
}
|
||||
@@ -18,6 +18,9 @@ namespace NexusReader.Application.Common;
|
||||
[JsonSerializable(typeof(List<NexusReader.Application.Queries.Recommendations.RecommendationDto>))]
|
||||
[JsonSerializable(typeof(NexusReader.Application.DTOs.User.UpdateThemeRequest))]
|
||||
[JsonSerializable(typeof(NexusReader.Domain.Enums.ThemeMode))]
|
||||
[JsonSerializable(typeof(NexusReader.Application.DTOs.Media.ValidateChapterRequest))]
|
||||
[JsonSerializable(typeof(NexusReader.Application.DTOs.Media.ValidateChapterResponse))]
|
||||
[JsonSerializable(typeof(NexusReader.Application.DTOs.Media.UploadResultDto))]
|
||||
public partial class AppJsonContext : JsonSerializerContext
|
||||
{
|
||||
}
|
||||
|
||||
@@ -0,0 +1,16 @@
|
||||
namespace NexusReader.Application.DTOs.Media;
|
||||
|
||||
/// <summary>
|
||||
/// Request DTO for chapter validation/sanitization.
|
||||
/// </summary>
|
||||
public record ValidateChapterRequest(string Content);
|
||||
|
||||
/// <summary>
|
||||
/// Response DTO containing sanitized chapter content.
|
||||
/// </summary>
|
||||
public record ValidateChapterResponse(string SanitizedContent);
|
||||
|
||||
/// <summary>
|
||||
/// Response DTO containing the uploaded media file URL.
|
||||
/// </summary>
|
||||
public record UploadResultDto(string Url);
|
||||
Reference in New Issue
Block a user