add DOMPurify
This commit is contained in:
parent
9e86e95135
commit
86dc0d4aa8
@ -42,6 +42,7 @@
|
||||
"cancelable-promise": "^4.2.1",
|
||||
"cross-env": "^7.0.3",
|
||||
"deep-copy-ts": "^0.5.0",
|
||||
"dompurify" : "^2.3.6",
|
||||
"easystarjs": "^0.4.4",
|
||||
"generic-type-guard": "^3.4.2",
|
||||
"google-protobuf": "^3.13.0",
|
||||
|
@ -1,4 +1,4 @@
|
||||
// import sanitizeHtml from 'sanitize-html';
|
||||
import DOMPurify from 'dompurify';
|
||||
|
||||
export class HtmlUtils {
|
||||
public static getElementByIdOrFail<T extends HTMLElement>(id: string): T {
|
||||
@ -40,8 +40,8 @@ export class HtmlUtils {
|
||||
|
||||
public static sanitize(html: string | number | boolean | undefined): string {
|
||||
if (typeof html === "string") {
|
||||
return html;
|
||||
/* TODO: fix sanitizer, sanitizeHtml seems not to work with vite
|
||||
return DOMPurify.sanitize(html);
|
||||
/* TODO: fix sanitizer, apply sanitizeHtml rules to DOMPurify
|
||||
return sanitizeHtml(html, {
|
||||
allowedAttributes: {
|
||||
span: ["style"],
|
||||
|
@ -876,6 +876,11 @@ doctrine@^3.0.0:
|
||||
dependencies:
|
||||
esutils "^2.0.2"
|
||||
|
||||
dompurify@^2.3.6:
|
||||
version "2.3.6"
|
||||
resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.3.6.tgz#2e019d7d7617aacac07cbbe3d88ae3ad354cf875"
|
||||
integrity sha512-OFP2u/3T1R5CEgWCEONuJ1a5+MFKnOYpkywpUSxv/dj1LeBT1erK+JwM7zK0ROy2BRhqVCf0LRw/kHqKuMkVGg==
|
||||
|
||||
easystarjs@^0.4.4:
|
||||
version "0.4.4"
|
||||
resolved "https://registry.yarnpkg.com/easystarjs/-/easystarjs-0.4.4.tgz#8cec6d20d0d8660715da0301d1da440370a8f40a"
|
||||
|
Loading…
Reference in New Issue
Block a user