Improve security and error handling in theme park application

Address JWT decoding vulnerability in email change function and enhance Supabase Edge Function error handling.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: a46bc7a0-bbf8-43ab-97c0-a58c66c2e365
Replit-Commit-Checkpoint-Type: full_checkpoint
pac7
2025-10-08 12:08:32 +00:00
parent 163b721271
commit 6f74fcaed7

@@ -3,6 +3,12 @@
## Overview
ThrillWiki is a community-driven web application for discovering, reviewing, and tracking theme parks, rides, and related entities globally. Its core purpose is to provide a centralized platform for enthusiasts to research attractions and contribute to a collaborative knowledge base through user contributions and reviews, offering a comprehensive encyclopedia for the theme park world.
## Recent Changes (October 8, 2025)
### Security Enhancements
- **Fixed JWT Decoding Security Vulnerability:** Updated `cancel-email-change` Edge Function to properly handle base64url encoding used by JWT tokens. Replaced browser-specific decoding with a secure implementation that correctly normalizes URL-safe characters and adds proper padding.
- **Enhanced Error Handling:** Added comprehensive error handling to all Supabase Edge Functions with granular try-catch blocks for network requests, JSON parsing, and API responses. Improves reliability and provides detailed error messages for debugging.
## Recent Changes (October 7, 2025)
### Security Enhancements
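Review bot: The "Fixed JWT Decoding Security Vulnerability" bullet under "Recent Changes (October 8, 2025)" describes only base64url normalization and padding, which is a decoding-correctness fix, and it does not say whether `cancel-email-change` verifies the token's signature before acting on the decoded claims. Decoding a JWT payload is not the same as validating it, so the entry should state how the token is validated (or that validation happens elsewhere) rather than calling the decoder itself a "secure implementation". In the "Enhanced Error Handling" bullet, it would also help to say where the "detailed error messages for debugging" are surfaced, since the text does not distinguish server-side logs from responses returned to the caller.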