NoMongo: Replace Base64 Storage with MinIO Client in OrgPostCard.tsx #3721
Assignees
Labels
Comments
github-actions
bot
added
security
|
Hi @NishantSinghhhhh, I’d love to work on this issue! Since optimizing image storage with MinIO is a great improvement for performance and security, I’d be happy to implement the changes. Could you please assign this issue to me? Thanks! |
palisadoes
changed the title
|
PTAL at the XSS and CORS vulnerabilities mentioned above that you will need to address as part of this. |
Akshat2gupta
pushed a commit
to Akshat2gupta/talawa-admin
that referenced
this issue
Mar 9, 2025
…Client in OrgPostCard.tsx
3 tasks
|
How's progress on this? It needs to be completed as a GSoC prerequisite. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem
OrgPostCard.tsx currently uses Base64 encoding for storing images, leading to increased memory usage and slower load times.
Solution
Use MinIO client to upload images and store only file URLs, optimizing performance and reducing payload size.
Alternatives Considered
Approach
Additional Context
This update will improve performance, scalability, and user experience for handling post images.
NOTE
We recently discovered a flaw in the code base where there are some XSS and CORS vulnerabilities. This occurs when the API and Admin servers run on different machines.
You will notice this if you configure your Admin app on your local machine to use the API running on https://test.talawa.io/graphql.
The errors in your browser will look like this:
As part of this issue you will need to ensure that the browser only interacts with the API through the Admin server and never with the API direclty.
The text was updated successfully, but these errors were encountered: