zzstoatzz.io / plyr.fm
music on atproto plyr.fm
fork atom

fix: remove aggressive non-R2 image blocking (#478)

Was blocking all Bluesky avatars. Keep only explicit flagging.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>

authored by zzstoatzz.io Claude and committed by GitHub c5a70abf 715805c8

options
unified split
Changed files
-9
frontend
src
lib
moderation.svelte.ts
-9
frontend/src/lib/moderation.svelte.ts
··· 15 /** 16 * check if an image URL is flagged as sensitive. 17 * checks both the full URL and extracts image_id from R2 URLs. 18 - * also flags non-R2 images as sensitive since they could be injected. 19 */ 20 isSensitive(url: string | null | undefined): boolean { 21 if (!url) return false; 22 23 // check full URL match 24 if (this.data.urls.has(url)) return true; 25 - 26 - // check if it's a known R2 URL pattern 27 - const isR2 = url.includes('r2.dev/') || url.includes('cdn.plyr.fm/'); 28 - 29 - if (!isR2) { 30 - // non-R2 images are treated as sensitive - could be injected 31 - return true; 32 - } 33 34 // extract image_id from R2 URL patterns: 35 // - https://pub-*.r2.dev/{image_id}.{ext}
··· 15 /** 16 * check if an image URL is flagged as sensitive. 17 * checks both the full URL and extracts image_id from R2 URLs. 18 */ 19 isSensitive(url: string | null | undefined): boolean { 20 if (!url) return false; 21 22 // check full URL match 23 if (this.data.urls.has(url)) return true; 24 25 // extract image_id from R2 URL patterns: 26 // - https://pub-*.r2.dev/{image_id}.{ext}