Code-Review: Path-Traversal-Fix, toten Code entfernt (formatClock, data.error Check), Emoji-Literal korrigiert, Einrückung fix

2026-05-26 12:47:47 +02:00
parent 352ed480a8
commit 6ba57c3927
3 changed files with 10 additions and 19 deletions


@@ -334,8 +334,8 @@ function updateClocks(moveIndex) {
const laraClock = laraIsWhite ? whiteClock : blackClock; const laraClock = laraIsWhite ? whiteClock : blackClock;
const oppClock = laraIsWhite ? blackClock : whiteClock; const oppClock = laraIsWhite ? blackClock : whiteClock;
document.getElementById('black-clock').textContent = formatClock(oppClock); document.getElementById('black-clock').textContent = oppClock || '--:--:--';
document.getElementById('white-clock').textContent = formatClock(laraClock); document.getElementById('white-clock').textContent = laraClock || '--:--:--';
} }
/** /**
@@ -568,10 +568,6 @@ async function updateStandings() {
round: currentRound, round: currentRound,
}; };
const container = document.getElementById('standings-content'); const container = document.getElementById('standings-content');
if (!data || data.error) {
container.innerHTML = '<div class="standings-loading">Daten nicht verfügbar</div>';
return;
}
container.innerHTML = ` container.innerHTML = `
<div class="standings-rank">${data.rank}.</div> <div class="standings-rank">${data.rank}.</div>
<div class="standings-rank-label">Tabellenplatz</div> <div class="standings-rank-label">Tabellenplatz</div>
@@ -602,15 +598,6 @@ async function updateStandings() {
} }
} }
/**
* Format clock string
*/
function formatClock(clockStr) {
if (!clockStr) return '--:--:--';
// Format is HH:MM:SS
return clockStr;
}
/** /**
* Update timestamp * Update timestamp
*/ */
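Review bot: In updateStandings the template written to `container.innerHTML` interpolates `data.rank` unescaped, and with the `data.error` guard removed there is no fallback left if a field is missing or malformed. The object literal that builds `data` begins above the hunk, so the origin of its values is not visible here; if any of them comes from a fetched tournament feed, it should not reach `innerHTML` as markup. Coerce numeric fields, e.g. `<div class="standings-rank">${Number(data.rank)}.</div>`, and set text fields through `textContent`, as updateClocks already does. The template continues below the hunk.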


@@ -199,7 +199,11 @@ class Handler(http.server.BaseHTTPRequestHandler):
if self.path == "/": if self.path == "/":
self.path = "/index.html" self.path = "/index.html"
filepath = os.path.join(BASE_DIR, self.path.lstrip("/")) filepath = os.path.normpath(os.path.join(BASE_DIR, self.path.lstrip("/")))
if not filepath.startswith(BASE_DIR):
self.send_response(403)
self.end_headers()
return
if os.path.isfile(filepath): if os.path.isfile(filepath):
content_types = { content_types = {
@@ -309,7 +313,7 @@ class Handler(http.server.BaseHTTPRequestHandler):
def main(): def main():
print("=" * 50) print("=" * 50)
print(" [TROPHY] Lara Kiesewetter - Live Schachturnier") print(" Lara Kiesewetter - Live Schachturnier")
print("=" * 50) print("=" * 50)
print(f" Server laeuft auf: http://localhost:{PORT}") print(f" Server laeuft auf: http://localhost:{PORT}")
if os.path.exists(STOCKFISH_PATH) or STOCKFISH_PATH == "stockfish": if os.path.exists(STOCKFISH_PATH) or STOCKFISH_PATH == "stockfish":
@@ -321,7 +325,7 @@ def main():
socketserver.ThreadingTCPServer.allow_reuse_address = True socketserver.ThreadingTCPServer.allow_reuse_address = True
with socketserver.ThreadingTCPServer(("", PORT), Handler) as httpd: with socketserver.ThreadingTCPServer(("", PORT), Handler) as httpd:
print(f"\n[SERVER] Server gestartet: http://localhost:{PORT}\n") print(f"\n[SERVER] Bereit für Anfragen\n")
try: try:
httpd.serve_forever() httpd.serve_forever()
except KeyboardInterrupt: except KeyboardInterrupt:
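Review bot: The containment test `if not filepath.startswith(BASE_DIR):` compares strings rather than path components, so a sibling directory whose name merely begins with the same characters as BASE_DIR (constructed example: `/srv/app-backup` next to `/srv/app`) still passes it. `os.path.normpath` also leaves symlinks unresolved, so a link inside BASE_DIR can still lead outside it. Resolve with `filepath = os.path.realpath(os.path.join(BASE_DIR, self.path.lstrip("/")))` and test `if os.path.commonpath([BASE_DIR, filepath]) != BASE_DIR:`. This assumes BASE_DIR is itself an absolute, realpath-resolved directory; it is defined outside the hunk and should be confirmed. The handler method starts above the hunk and continues below it.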