
update sanitizations for api

Pouria Ezzati vor 1 Jahr
Ursprung
Commit
a1c25d8245

+ 7 - 9
server/handlers/links.handler.js

@@ -30,14 +30,12 @@ async function get(req, res) {
     query.link.total(match, { search })
   ]);
 
-  const links = data.map(utils.sanitize.link);
-
   if (req.isHTML) {
     res.render("partials/links/table", {
       total,
       limit,
       skip,
-      links,
+      links: data.map(utils.sanitize.link_html),
     })
     return;
   }
@@ -46,7 +44,7 @@ async function get(req, res) {
     total,
     limit,
     skip,
-    data: links,
+    data: data.map(utils.sanitize.link),
   });
 };
 
@@ -247,12 +245,12 @@ async function edit(req, res) {
     res.render("partials/links/edit", {
       swap_oob: true,
       success: "Link has been updated.",
-      ...utils.sanitize.link({ ...link, ...updatedLink }),
+      ...utils.sanitize.link_html({ ...updatedLink }),
     });
     return;
   }
 
-  return res.status(200).send(utils.sanitize.link({ ...link, ...updatedLink }));
+  return res.status(200).send(utils.sanitize.link({ ...updatedLink }));
 };
 
 async function editAdmin(req, res) {
@@ -340,12 +338,12 @@ async function editAdmin(req, res) {
     res.render("partials/admin/links/edit", {
       swap_oob: true,
       success: "Link has been updated.",
-      ...utils.sanitize.linkAdmin({ ...link, ...updatedLink }),
+      ...utils.sanitize.linkAdmin({ ...updatedLink }),
     });
     return;
   }
 
-  return res.status(200).send(utils.sanitize.link({ ...link, ...updatedLink }));
+  return res.status(200).send(utils.sanitize.link({ ...updatedLink }));
 };
 
 async function remove(req, res) {
@@ -618,7 +616,7 @@ async function stats(req, res) {
 
   if (req.isHTML) {
     res.render("partials/stats", {
-      link: utils.sanitize.link(link),
+      link: utils.sanitize.link_html(link),
       stats,
       map,
     });
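Review bot: The HTML branch of `editAdmin` still calls `utils.sanitize.linkAdmin(...)`, while the only admin sanitizer visible in the `server/utils/utils.js` section of this commit is declared as `link_admin`. Unless `sanitize` also defines a `linkAdmin` key outside the visible hunks, that call is made on `undefined` and the render throws, presumably after the update has already been written. Since the line is being edited anyway, `...utils.sanitize.link_admin({ ...updatedLink }),` would match the declared name. Separately, `edit` now passes only `{ ...updatedLink }` to `link_html`, which dereferences `link.visit_count` and `link.address`, so it relies on the update call returning the complete row. That is worth confirming, as the bodies of `edit` and `editAdmin` start outside these hunks.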

+ 2 - 2
server/handlers/renders.handler.js

@@ -289,7 +289,7 @@ async function linkEdit(req, res) {
     ...(!req.user.admin && { user_id: req.user.id })
   });
   res.render("partials/links/edit", {
-    ...(link && utils.sanitize.link(link)),
+    ...(link && utils.sanitize.link_html(link)),
   });
 }
 
@@ -298,7 +298,7 @@ async function linkEditAdmin(req, res) {
     uuid: req.params.id,
   });
   res.render("partials/admin/links/edit", {
-    ...(link && utils.sanitize.link(link)),
+    ...(link && utils.sanitize.link_html(link)),
   });
 }
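Review bot: `linkEditAdmin` now feeds `partials/admin/links/edit` from `sanitize.link_html`, but `editAdmin` in `server/handlers/links.handler.js` renders the same partial from the admin sanitizer, so the form receives one object shape on first load and another after a save. If the admin partial reads a field that only the admin sanitizer provides, it will be blank on the initial render; the partial is not shown here, so this needs checking. If the admin shape is the intended one, the line would be `...(link && utils.sanitize.link_admin(link)),`. A one-line comment above each `res.render` naming the sanitizer the partial expects would keep the two call sites aligned.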
 

+ 18 - 1
server/utils/utils.js

@@ -253,6 +253,8 @@ const sanitize = {
     ...domain,
     ...parseTimestamps(domain),
     id: domain.uuid,
+    banned: !!domain.banned,
+    homepage: domain.homepage || env.DEFAULT_DOMAIN,
     uuid: undefined,
     user_id: undefined,
     banned_by_id: undefined
@@ -266,12 +268,27 @@ const sanitize = {
       domain_id: undefined,
       user_id: undefined,
       uuid: undefined,
+      banned: !!link.banned,
+      id: link.uuid,
+      password: !!link.password,
+    }
+  },
+  link_html: link => {
+    const timestamps = parseTimestamps(link);
+    return {
+      ...link,
+      ...timestamps,
+      banned_by_id: undefined,
+      domain_id: undefined,
+      user_id: undefined,
+      uuid: undefined,
+      banned: !!link.banned,
       id: link.uuid,
       relative_created_at: getTimeAgo(timestamps.created_at),
       relative_expire_in: link.expire_in && ms(differenceInMilliseconds(parseDatetime(link.expire_in), new Date()), { long: true }),
       password: !!link.password,
       visit_count: link.visit_count.toLocaleString("en-US"),
-      link: getShortURL(link.address, link.domain)
+      link: getShortURL(link.address, link.domain),
     }
   },
   link_admin: link => {
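Review bot: `link_html` is a denylist: it spreads `...link` and then blanks `banned_by_id`, `domain_id`, `user_id` and `uuid`, repeating overrides that the `link` sanitizer just above also carries. Any column added to the link record later is exposed by both sanitizers unless it is blanked in two places, and the two lists can drift apart. Building the HTML variant on the API one, by starting the returned object with `...sanitize.link(link)` and adding only `relative_created_at`, `relative_expire_in`, `visit_count` and `link`, would keep a single list; an explicit allowlist of returned fields would be stronger still. The start of `link` is outside the hunk, so confirm it applies `parseTimestamps` the same way before sharing it.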

+ 1 - 5
server/views/partials/settings/domain/table.hbs

@@ -14,11 +14,7 @@
             {{address}}
           </td>
           <td class="homepage">
-            {{#if homepage}}
-              {{homepage}}
-            {{else}}
-              {{@root.default_domain}}
-            {{/if}}
+            {{homepage}}
           </td>
           <td class="actions">
             <button