UX: show complete URL path if website domain is same as instance domain #5
ShashankFC wants to merge 1 commit into
@cubic-dev-ai review this pull request
@ShashankFC I have started the AI code review. It will take a few minutes to complete.
2 issues found across 5 files
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="app/serializers/user_serializer.rb">
<violation number="1" location="app/serializers/user_serializer.rb:43">
P1: Potential information leak: `website_name` is not listed in `untrusted_attributes`, but `website` is. This means `website_name` will be visible to anonymous users viewing TL0 profiles, even though `website` is hidden for them. Consider adding `:website_name` to the `untrusted_attributes` list.</violation>
<violation number="2" location="app/serializers/user_serializer.rb:153">
P1: Bug: Missing `?` suffix on `include_website_name`. ActiveModelSerializers expects `include_<attr>?` (with question mark) for conditional attribute inclusion. Without it, this method is never called by AMS, so `website_name` will always be serialized — even when `website` is blank — resulting in `null` values in the JSON response.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| :bio_cooked, | ||
| :created_at, | ||
| :website, | ||
| :website_name, |
P1: Potential information leak: `website_name` is not listed in `untrusted_attributes`, but `website` is. This means `website_name` will be visible to anonymous users viewing TL0 profiles, even though `website` is hidden for them. Consider adding `:website_name` to the `untrusted_attributes` list.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At app/serializers/user_serializer.rb, line 43:
<comment>Potential information leak: `website_name` is not listed in `untrusted_attributes`, but `website` is. This means `website_name` will be visible to anonymous users viewing TL0 profiles, even though `website` is hidden for them. Consider adding `:website_name` to the `untrusted_attributes` list.</comment>
<file context>
@@ -40,6 +40,7 @@ def self.untrusted_attributes(*attrs)
:bio_cooked,
:created_at,
:website,
+ :website_name,
:profile_background,
:card_background,
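Review bot: `:website_name` is added to this attribute list directly after `:website`, but nothing in the hunk gives it the visibility gating that the comment above says `:website` gets from `untrusted_attributes`. List `:website_name` there as well, and add a serializer spec that renders a TL0 profile for an anonymous viewer and asserts that neither key is present.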
</file context>
| end | ||
| end | ||
|
|
||
| def include_website_name |
P1: Bug: Missing `?` suffix on `include_website_name`. ActiveModelSerializers expects `include_<attr>?` (with question mark) for conditional attribute inclusion. Without it, this method is never called by AMS, so `website_name` will always be serialized — even when `website` is blank — resulting in `null` values in the JSON response.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At app/serializers/user_serializer.rb, line 153:
<comment>Bug: Missing `?` suffix on `include_website_name`. ActiveModelSerializers expects `include_<attr>?` (with question mark) for conditional attribute inclusion. Without it, this method is never called by AMS, so `website_name` will always be serialized — even when `website` is blank — resulting in `null` values in the JSON response.</comment>
<file context>
@@ -133,6 +134,26 @@ def website
+ end
+ end
+
+ def include_website_name
+ website.present?
+ end
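Review bot: the predicate on the `def include_website_name` line has no trailing `?`, and its body checks only `website.present?`. Renaming it to `include_website_name?` addresses the blank-website case, but a presence check alone says nothing about who is viewing the profile, so the field should also go through the same gating as `website`; a spec covering a blank website and an anonymous viewer would pin down both behaviours.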
</file context>
| def include_website_name | |
| def include_website_name? |
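The two findings above, reproduced in a small stand-alone model (an added example, not code from the pull request, Discourse or ActiveModelSerializers). `MiniSerializer`, the body of its `untrusted_attributes` helper and the scheme-stripping `website_name` are assumptions made for illustration.

```ruby
# Toy model of the include_<attr>? convention; hypothetical, not AMS or Discourse code.
class MiniSerializer
  def self.attributes(*names)
    names.empty? ? @attrs : (@attrs = names)
  end

  # Assumed gating helper: hide from anonymous viewers of TL0 profiles, skip blanks.
  def self.untrusted_attributes(*names)
    names.each do |name|
      define_method("include_#{name}?") do
        return false if @user[:trust_level] == 0 && @viewer.nil?
        !send(name).to_s.empty?
      end
    end
  end

  def initialize(user, viewer)
    @user, @viewer = user, viewer # viewer nil means an anonymous viewer
  end

  def website
    @user[:website]
  end

  # Constructed stand-in for the derived field: the URL without its scheme.
  def website_name
    website && website.sub(%r{\Ahttps?://}, "")
  end
  # Only a predicate named exactly include_<attr>? is consulted.
  def as_json
    self.class.attributes.each_with_object({}) do |name, out|
      predicate = "include_#{name}?"
      next if respond_to?(predicate) && !send(predicate)
      out[name] = send(name)
    end
  end
end

class BeforeFix < MiniSerializer
  attributes :website, :website_name
  untrusted_attributes :website
  def include_website_name # no "?", so as_json never calls it
    !website.to_s.empty?
  end
end

class AfterFix < MiniSerializer
  attributes :website, :website_name
  untrusted_attributes :website, :website_name
end
```

For a constructed TL0 user with a website and an anonymous viewer, `BeforeFix#as_json` still returns `website_name`, while `AfterFix#as_json` returns an empty hash.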
Test 6
Replicated from ai-code-review-evaluation/discourse-coderabbit#6