Closed
Description
New Issue Checklist
- I am not disclosing a vulnerability.
- I am not just asking a question.
- I have searched through existing issues.
- I can reproduce the issue with the latest versions of Parse Server and Parse Dashboard.
Issue Description
App.js produces invalid html.
The opening html tag is after the head and the title tag is outside the head.
We suspect this led to our site being flagged by Google as being hacked or containing social engineering content. See https://community.parseplatform.org/t/dashboard-site-being-flagged-as-unsafe-by-google-safe-browsing/2872/7.
Steps to reproduce
Start up parse dashboard. On either the login page or main dashboard page, get the root html document and run it through an html validator.
Actual Outcome
<!DOCTYPE html>
<head>
<link rel="shortcut icon" type="image/x-icon" href="/dashboard/favicon.ico" />
<base href="/dashboard/"/>
<script>
PARSE_DASHBOARD_PATH = "/dashboard/";
</script>
</head>
<html>
<title>Parse Dashboard</title>
<body>
<div id="browser_mount"></div>
<script src="/dashboard/bundles/dashboard.bundle.js"></script>
</body>
</html>
Expected Outcome
<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" type="image/x-icon" href="/dashboard/favicon.ico" />
<base href="/dashboard/"/>
<script>
PARSE_DASHBOARD_PATH = "/dashboard/";
</script>
<title>Parse Dashboard</title>
</head>
<body>
<div id="browser_mount"></div>
<script src="/dashboard/bundles/dashboard.bundle.js"></script>
</body>
</html>
Environment
Dashboard
- Parse Dashboard version:
4.1.4 - Browser (Safari, Chrome, Firefox, Edge, etc.):
any (I used Chrome) - Browser version:
105
Server
- Parse Server version:
any (irrelevant) - Operating system:
Windows - Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc):
local (any)
Database
- System (MongoDB or Postgres):
MongoDB - Database version:
irrelevant - Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc):
local (any)
Logs
n/a