Go to file

xfy 28f0117f06 test(sanitizer): 补充 is_safe_url 分支测试

is_safe_url 是 HTML 消毒器的安全核心，原仅通过 clean_html 间接覆盖。
新增 9 个直接单元测试，锁定各分支契约：

- https/http 白名单通过
- javascript / vbscript scheme 拒绝（含大小写混淆）
- data URI 按 allow_data_uri 标志决定（文章正文 vs 评论）
- 相对路径与锚点片段通过
- 空字符串/纯空白视为安全
- mailto / tel / ftp 等其它白名单 scheme 通过
- 含空白的 scheme 名（混淆手法）被拒绝

共 17 个测试，全部通过。

2026-06-15 11:19:46 +08:00

.agents/skills

feat(skills): add multi-style design skills from taste-skill repo

2026-06-11 09:53:15 +08:00

.gitea/workflows

ci: retry rustup install on network failure

2026-06-12 17:44:19 +08:00

docs/superpowers

docs: add implementation plan for comment localStorage feature

2026-06-11 14:07:58 +08:00

libs/tiptap-editor

chore(tiptap-editor): update package-lock.json

2026-06-08 15:54:27 +08:00

migrations

feat(db): add toc_html column to posts table

2026-06-12 10:35:33 +08:00

public

删除 public/tiptap/editor.css 构建产物

2026-06-10 16:51:51 +08:00

src

test(sanitizer): 补充 is_safe_url 分支测试

2026-06-15 11:19:46 +08:00

syntaxes

feat: add custom .sublime-syntax loading for Swift and Kotlin, improve alias table

2026-06-05 09:27:21 +08:00

themes

feat: add catppuccin Latte & Mocha tmTheme files for syntax highlighting

2026-06-03 11:43:31 +08:00

uploads

chore: create uploads directory for image storage

2026-06-05 14:49:22 +08:00

.env.example

perf(ssr): optimize request throughput by 32%

2026-06-12 09:36:53 +08:00

.gitignore

chore: ignore .worktrees directory

2026-06-15 10:50:48 +08:00

AGENTS.md

docs: document COOKIE_SECURE and TRUSTED_PROXY_COUNT

2026-06-12 17:31:20 +08:00

Cargo.lock

test: improve unit test coverage and assertions

2026-06-12 18:13:51 +08:00

Cargo.toml

test(cache): mark cache tests serial to fix parallel flakiness

2026-06-12 17:40:15 +08:00

CHANGELOG.md

chore: release v0.2.0

2026-06-10 15:46:11 +08:00

CLAUDE.md

chore: symlink CLAUDE.md to AGENTS.md

2026-06-11 10:01:01 +08:00

DEVELOPMENT.md

docs: 整理表格格式并添加 CI 链接

2026-06-15 10:41:03 +08:00

Dioxus.toml

feat: redesign admin write page with fixed-height editor layout

2026-06-10 17:41:31 +08:00

input.css

refactor(ui): redesign with warm palette, sage accent, and consistent theme vars

2026-06-11 10:29:11 +08:00

Makefile

build: use npx tailwindcss instead of global binary

2026-06-12 18:09:20 +08:00

migrate.sh

feat: add database migration helper script

2026-06-02 17:33:28 +08:00

README.md

添加项目 README

2026-05-26 18:06:28 +08:00

rust-analyzer.toml

将 rust-analyzer 配置从 JSON 迁移为 TOML 格式

2026-06-02 17:33:28 +08:00

skills-lock.json

feat(skills): add multi-style design skills from taste-skill repo

2026-06-11 09:53:15 +08:00

README.md

Yggdrasil

基于 Dioxus 0.7 的全栈博客系统，Rust 单一代码库同时编译为 WASM 前端和原生服务端。

技术栈

框架: Dioxus 0.7 (fullstack)
数据库: PostgreSQL + tokio-postgres
样式: Tailwind CSS v4
密码: Argon2
会话: UUID token + cookie

功能

邮箱注册 / 登录（单管理员模式，首次注册后关闭）
会话管理与自动过期清理
暗色 / 亮色主题切换
后台文章撰写（Tiptap Markdown 编辑器）
文章归档与标签浏览

开发

依赖 Rust 1.95+、wasm32 目标、dx CLI、tailwindcss CLI v4 和 PostgreSQL。

# 配置数据库
DATABASE_URL=postgres://postgres:postgres@localhost:5432/yggdrasil

# 运行迁移
psql $DATABASE_URL -f migrations/001_init.sql

# 启动开发服务器
make dev

构建

make build

Languages

Rust 92%

CSS 4.1%

TypeScript 2.2%

JavaScript 0.7%

Shell 0.4%

Other 0.6%

README.md Unescape Escape

Yggdrasil

技术栈

功能

开发

构建

README.md