pediatric-ai-scribe-v3/public/components
Daniel Onyejesi 23d39dec65 Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5
pdf-parse (was v2, broken API):
- Downgraded to v1.1.1 — default export is a function again
- pdfParse is not a function error fixed

WebDAV file selection (style.display bug, same cascade issue):
- lh-ai-webdav-selected had inline style="display:flex" always visible
- selectWebdavFile() / deselectWebdavFile() now use element.style.display
- On select: browser div hides, selected indicator shows with file name + X
- On deselect (X): indicator hides, browser shows again

Topic context for Upload and Nextcloud tabs:
- Both tabs now have optional "Topic / context" field
- Sent to backend as 'topic' param to help AI focus the generated content

Inline refine bar (replaces window.prompt):
- Refine Body button shows/hides an amber inline input bar below generate buttons
- Enter instructions, press Apply — no browser dialog, works in all contexts

CSP: remove unsafe-inline from scriptSrc (security issue #2):
- Converted all 26 onclick= handlers in component HTML files to
  data-action / data-target / data-label attributes
- Added delegated click handler in app.js for copy/speak/nc-export actions
- script-src now 'self' only; script-src-attr 'none'

WebDAV path endpoint (security issue #5):
- New POST /api/user/webdav-path (authMiddleware only, not moderator)
- nextcloud.js updated to use new endpoint

nodemailer: already at 6.10.1 (vulnerability fixed).
2026-03-24 02:28:43 -04:00
..
admin.html Dedicated CMS page, responsive email templates, security fixes in auth 2026-03-23 20:13:22 -04:00
catchup.html Fix quiz SQL bug, security hardening, componentize HTML, speed improvements 2026-03-23 20:01:54 -04:00
chart.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
cms.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
dictation.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
encounter.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
hospital.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
learning.html Fix quiz SQL bug, security hardening, componentize HTML, speed improvements 2026-03-23 20:01:54 -04:00
settings.html Add AI content generation to Learning Hub CMS 2026-03-24 00:17:28 -04:00
sickvisit.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
soap.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00
vaxschedule.html Fix quiz SQL bug, security hardening, componentize HTML, speed improvements 2026-03-23 20:01:54 -04:00
wellvisit.html Fix WebDAV selection, pdf-parse, prompt(), CSP, security issues 1/2/4/5 2026-03-24 02:28:43 -04:00