From 2e42391918ed4ba6b9478059c20851afd2bfda42 Mon Sep 17 00:00:00 2001
From: SquidSpirit <squid@squidspirit.com>
Date: Thu, 24 Jul 2025 13:11:44 +0800
Subject: [PATCH] BLOG-45 fix: percent encode the database password

---
 backend/Cargo.lock                                          | 1 +
 backend/Cargo.toml                                          | 1 +
 backend/server/Cargo.toml                                   | 1 +
 backend/server/src/main.rs                                  | 6 +++++-
 frontend/src/lib/post/framework/ui/PostContentHeader.svelte | 4 ++--
 frontend/src/routes/+error.svelte                           | 4 ----
 6 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/backend/Cargo.lock b/backend/Cargo.lock
index 7e36810..0cb2aab 100644
--- a/backend/Cargo.lock
+++ b/backend/Cargo.lock
@@ -1789,6 +1789,7 @@ dependencies = [
  "actix-web",
  "dotenv",
  "env_logger",
+ "percent-encoding",
  "post",
  "sqlx",
 ]
diff --git a/backend/Cargo.toml b/backend/Cargo.toml
index 5afd97e..6a8dc37 100644
--- a/backend/Cargo.toml
+++ b/backend/Cargo.toml
@@ -14,6 +14,7 @@ dotenv = "0.15.0"
 env_logger = "0.11.8"
 futures = "0.3.31"
 log = "0.4.27"
+percent-encoding = "2.3.1"
 serde = { version = "1.0.219", features = ["derive"] }
 sqlx = { version = "0.8.5", features = [
     "chrono",
diff --git a/backend/server/Cargo.toml b/backend/server/Cargo.toml
index 1dbcb27..ad808e1 100644
--- a/backend/server/Cargo.toml
+++ b/backend/server/Cargo.toml
@@ -7,6 +7,7 @@ edition.workspace = true
 actix-web.workspace = true
 dotenv.workspace = true
 env_logger.workspace = true
+percent-encoding.workspace = true
 sqlx.workspace = true
 
 post.workspace = true
diff --git a/backend/server/src/main.rs b/backend/server/src/main.rs
index 674881b..92f93a2 100644
--- a/backend/server/src/main.rs
+++ b/backend/server/src/main.rs
@@ -34,9 +34,13 @@ async fn init_database() -> Pool<Postgres> {
     let user = env::var("DATABASE_USER").unwrap_or_else(|_| "postgres".to_string());
     let password = env::var("DATABASE_PASSWORD").unwrap_or_else(|_| "".to_string());
     let dbname = env::var("DATABASE_NAME").unwrap_or_else(|_| "postgres".to_string());
+
+    let encoded_password =
+        percent_encoding::utf8_percent_encode(&password, percent_encoding::NON_ALPHANUMERIC)
+            .to_string();
     let database_url = format!(
         "postgres://{}:{}@{}:{}/{}",
-        user, password, host, port, dbname
+        user, encoded_password, host, port, dbname
     );
 
     let db_pool = PgPoolOptions::new()
diff --git a/frontend/src/lib/post/framework/ui/PostContentHeader.svelte b/frontend/src/lib/post/framework/ui/PostContentHeader.svelte
index c4dcae9..a83f5e6 100644
--- a/frontend/src/lib/post/framework/ui/PostContentHeader.svelte
+++ b/frontend/src/lib/post/framework/ui/PostContentHeader.svelte
@@ -5,8 +5,8 @@
 	const { postInfo }: { postInfo: PostInfoViewModel } = $props();
 </script>
 
-<div class="flex flex-col gap-y-4 pt-9 md:pt-20">
-	<div class="flex flex-row gap-2">
+<div class="flex flex-col pt-9 md:pt-20">
+	<div class="pb-4 flex flex-row gap-2">
 		{#each postInfo.labels as label (label.id)}
 			<Label {label} />
 		{/each}
diff --git a/frontend/src/routes/+error.svelte b/frontend/src/routes/+error.svelte
index a28522e..5881914 100644
--- a/frontend/src/routes/+error.svelte
+++ b/frontend/src/routes/+error.svelte
@@ -1,7 +1,3 @@
-<script lang="ts">
-	import { page } from '$app/state';
-</script>
-
 <div
 	class="mx-auto flex min-h-content-height max-w-screen-xl flex-col items-center justify-center px-4 md:px-6"
 >