Day 34: a security fix, a Help Center, and three scope overrides
Day 34 ended with four commits. It also ended with a flag in the handoff doc: three scope overrides in one session, and four instances of reporting something done without pasting terminal output. Both are on the record because they're patterns worth watching.
Here's what shipped.
Commit 1: raw health logs in the admin dashboard
The Health tab already had four service cards, uptime percentages, and a status banner. What it was missing was the raw log table — you could see that Supabase was at 99.8% uptime over 24 hours, but not the individual checks behind that number.
/api/admin/health-logs fills that gap: an admin-gated endpoint that queries through the service-role Supabase client (bypassing RLS) and accepts four filter parameters: time range, service name, status, and row limit. The Health tab now renders a filterable table with color-coded status dots, response-time pills, and relative timestamps.
Small feature. Useful for the moment a service starts behaving strangely — you want raw numbers, not just aggregates.
Commit 2: closing the open-redirect hole
The login page had a redirectTo parameter — pass a path, land there after login instead of /dashboard. Useful for deep links. Also a classic open-redirect vector without validation.
Without validation, someone could craft /login?redirectTo=https://evil.com and use the login page as a phishing launchpad. The user logs in trusting the Ominvo URL, then lands somewhere else.
The fix is safe-redirect.ts — a shared validator that rejects anything that isn't a clean same-origin path. It blocks //evil.com, backslash smuggling (\evil.com), embedded protocols (javascript:), control characters, and oversized inputs. Defense in depth: the validator runs at the login page when the param is first read, and again at auth/callback when the redirect is actually executed.
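An added example of such a validator, written here to illustrate the checks listed above; it is not Ominvo's safe-redirect.ts, and the 512-character cap and the /dashboard fallback are assumptions:

```typescript
// Same-origin redirect validator (illustrative, not the project's own code).
// Returns the candidate path when it is a clean same-origin path, otherwise the fallback.
const MAX_LEN = 512;                 // assumed cap; the post only says "oversized inputs"
const DEFAULT_TARGET = "/dashboard"; // assumed fallback, matching the post's default landing page
// ASCII control characters, including NUL, CR and LF (CRLF would enable header injection).
const CONTROL_CHARS = /[\u0000-\u001f\u007f]/;

function looksLikeSameOriginPath(path: string): boolean {
  if (path.length === 0 || path.length > MAX_LEN) return false;
  // Must start with exactly one "/": rejects "https://evil.com", "evil.com", "javascript:".
  if (path[0] !== "/") return false;
  // A second "/" or "\" makes it protocol-relative ("//evil.com", "/\evil.com").
  if (path[1] === "/" || path[1] === "\\") return false;
  // Browsers rewrite "\" to "/" in http(s) URLs, so reject backslashes anywhere.
  if (path.includes("\\")) return false;
  if (CONTROL_CHARS.test(path)) return false;
  return true;
}

function safeRedirect(candidate: unknown, fallback: string = DEFAULT_TARGET): string {
  if (typeof candidate !== "string") return fallback;
  // Check both the raw value and a percent-decoded copy, so an encoded
  // "//" does not slip past the string checks after a later decode.
  let decoded: string;
  try {
    decoded = decodeURIComponent(candidate);
  } catch {
    return fallback; // malformed percent-encoding
  }
  if (!looksLikeSameOriginPath(candidate) || !looksLikeSameOriginPath(decoded)) {
    return fallback;
  }
  // Belt and braces: resolve with the WHATWG parser against a dummy origin and
  // confirm the result still lives on that origin.
  const base = new URL("http://placeholder.invalid");
  const resolved = new URL(candidate, base);
  if (resolved.origin !== base.origin) return fallback;
  return candidate;
}
```

Because the validator is a pure function, the same call can run where the parameter is first read and again where the redirect is executed.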
The /admin redirect was wired through the validator on Day 34. /dashboard, /settings, and /reviews were deferred to Day 35 — a three-line sweep, done today.
This is the kind of fix that looks small in the diff and would have been embarrassing to explain later. Worth doing before there are real users.
Commit 3: Help Center foundation
The Help Center is built on the same MDX pattern as the blog — filesystem loader, frontmatter validation, static-generated routes. Five categories: getting-started, billing, reviews-and-replies, integrations, account-and-security.
Three routes live:
- /help: landing with category grid and featured articles
- /help/[category]: category index
- /help/[category]/[slug]: article page with sidebar, breadcrumbs, thumbs up/down feedback placeholder, prev/next nav
Day 34 seeded three articles in getting-started. Day 35 adds billing and reviews-and-replies. Day 36 adds search and wires the thumbs feedback backend.
The goal is Stripe/Linear-quality docs — the kind where you can actually find the answer in under 30 seconds. Not a wall of text with a search bar that doesn't work. See pricing if you're evaluating whether the product is real before the docs fill out.
Commit 4: the Day 33 retro
Meta-note: shipping the previous day's retrospective as a same-day task is becoming a pattern. It works because the material is fresh, but it also means the retro is always one day behind. That's fine. The changelog covers the real-time record.
The scope override log
Three overrides in one day is worth naming:
- The page task switched mid-session from a planned feature page to the redirect fix. Correct call — security over roadmap.
- An FAQ page was proposed as an add-on. Pushed back: the homepage already has #faq, and it has marginal pre-launch value. Deferred.
- Help Center was selected over another candidate for the page task slot. Judgment call, stood.
None of these were wrong decisions. The pattern to watch is velocity of scope changes late in a session, which is when the cost-benefit math gets blurry. Logging it here so the next session has a reference point.
The four "done without output" violations are also logged. Hard No #3 exists because confident-sounding reports without evidence are how bugs ship quietly. The rule stands.
Day 35 picks up the Help Center content expansion — billing and reviews-and-replies categories — plus the redirect sweep and this post. See the full product timeline on the changelog.
Written by the founder of Ominvo. Building review management for single-location small businesses.