From ccf28b8012e0a0a78002f51192f1e3d71563e282 Mon Sep 17 00:00:00 2001 From: Jannat Patel Date: Thu, 7 Aug 2025 17:23:14 +0530 Subject: [PATCH 1/3] refactor: bring course title down from the gradient in course cards --- frontend/src/components/CourseCard.vue | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/frontend/src/components/CourseCard.vue b/frontend/src/components/CourseCard.vue index 6e166e70..8b311f35 100644 --- a/frontend/src/components/CourseCard.vue +++ b/frontend/src/components/CourseCard.vue @@ -33,13 +33,13 @@ {{ tag }} -
{{ course.title }} -
+ -->
@@ -69,19 +69,9 @@
- -
-
+
{{ course.title }}
From d61abac126797e5afa3915cf4daf8cd511a10655 Mon Sep 17 00:00:00 2001
From: Jannat Patel
Date: Thu, 7 Aug 2025 17:33:32 +0530
Subject: [PATCH 2/3] fix: validate is uploaded svg is malicious
---
 frontend/src/utils/index.js | 39 ++++++++++++++++++++++++++++++-------
 1 file changed, 32 insertions(+), 7 deletions(-)
diff --git a/frontend/src/utils/index.js b/frontend/src/utils/index.js
index bbfd6373..eba86850 100644
--- a/frontend/src/utils/index.js
+++ b/frontend/src/utils/index.js
@@ -487,14 +487,39 @@ export function singularize(word) {
 )
 }
-export const validateFile = (file, showToast = true) => {
- if (!file.type.startsWith('image/')) {
- const errorMessage = __('Only image file is allowed.')
- if (showToast) {
- toast.error(errorMessage)
- }
- return errorMessage
+export const validateFile = async (file, showToast = true) => {
+ const error = (msg) => {
+ if (showToast) toast.error(msg)
+ console.error(msg)
+ return msg
 }
+
+ if (!file.type.startsWith('image/')) {
+ return error(__('Only image file is allowed.'))
+ }
+
+ if (file.type === 'image/svg+xml') {
+ const text = await file.text()
+
+ const blacklist = [
+ /]/i,
+ /on\w+=["']?/i,
+ /javascript:/i,
+ /data:/i,
+ /]/i,
+ /]/i,
+ /]/i,
+ /]/i,
+ ]
+
+ for (const pattern of blacklist) {
+ if (pattern.test(text)) {
+ return error(__('SVG contains potentially unsafe content.'))
+ }
+ }
+ }
+
+ return null
 }
 export const escapeHTML = (text) => {
From ee715f63874f27eac0d86826aa3b61de1a624ba1 Mon Sep 17 00:00:00 2001
From: Jannat Patel
Date: Fri, 8 Aug 2025 10:47:21 +0530
Subject: [PATCH 3/3] chore: fixed linters
---
 frontend/src/components/CourseCard.vue | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/frontend/src/components/CourseCard.vue b/frontend/src/components/CourseCard.vue
index 8b311f35..ae075920 100644
--- a/frontend/src/components/CourseCard.vue
+++ b/frontend/src/components/CourseCard.vue
@@ -71,7 +71,10 @@
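Review bot: The SVG check added to `validateFile` runs only in the browser and is gated on `file.type`, a value the client controls, so it cannot be the control that keeps active content out of stored uploads; the same decision has to be enforced where the file is saved and served. A regex deny-list over the raw text is also brittle in both directions: XML permits encodings and spacing the patterns do not anticipate, while `/data:/i` rejects ordinary SVGs that embed a raster image or a font. Five of the eight patterns render on this page as `/]/i`, apparently extraction damage, so their exact coverage cannot be checked here. I would keep this as a UX pre-check and say so with a comment such as `// Best-effort client-side hint only; the server must sanitise or reject SVG uploads`, with the backend parsing the SVG through an allow-list sanitiser and serving uploads with a restrictive `Content-Security-Policy` and `X-Content-Type-Options: nosniff`. Separately, the function is now `async` and returns a Promise, so any caller outside this patch that tests the return value synchronously would see a truthy Promise even for a valid file; those call sites need an `await`.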
-
+
{{ course.title }}