add DOMPurify
This commit is contained in:
parent
9e86e95135
commit
86dc0d4aa8
@ -42,6 +42,7 @@
|
|||||||
"cancelable-promise": "^4.2.1",
|
"cancelable-promise": "^4.2.1",
|
||||||
"cross-env": "^7.0.3",
|
"cross-env": "^7.0.3",
|
||||||
"deep-copy-ts": "^0.5.0",
|
"deep-copy-ts": "^0.5.0",
|
||||||
|
"dompurify" : "^2.3.6",
|
||||||
"easystarjs": "^0.4.4",
|
"easystarjs": "^0.4.4",
|
||||||
"generic-type-guard": "^3.4.2",
|
"generic-type-guard": "^3.4.2",
|
||||||
"google-protobuf": "^3.13.0",
|
"google-protobuf": "^3.13.0",
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// import sanitizeHtml from 'sanitize-html';
|
import DOMPurify from 'dompurify';
|
||||||
|
|
||||||
export class HtmlUtils {
|
export class HtmlUtils {
|
||||||
public static getElementByIdOrFail<T extends HTMLElement>(id: string): T {
|
public static getElementByIdOrFail<T extends HTMLElement>(id: string): T {
|
||||||
@ -40,8 +40,8 @@ export class HtmlUtils {
|
|||||||
|
|
||||||
public static sanitize(html: string | number | boolean | undefined): string {
|
public static sanitize(html: string | number | boolean | undefined): string {
|
||||||
if (typeof html === "string") {
|
if (typeof html === "string") {
|
||||||
return html;
|
return DOMPurify.sanitize(html);
|
||||||
/* TODO: fix sanitizer, sanitizeHtml seems not to work with vite
|
/* TODO: fix sanitizer, apply sanitizeHtml rules to DOMPurify
|
||||||
return sanitizeHtml(html, {
|
return sanitizeHtml(html, {
|
||||||
allowedAttributes: {
|
allowedAttributes: {
|
||||||
span: ["style"],
|
span: ["style"],
|
||||||
|
@ -876,6 +876,11 @@ doctrine@^3.0.0:
|
|||||||
dependencies:
|
dependencies:
|
||||||
esutils "^2.0.2"
|
esutils "^2.0.2"
|
||||||
|
|
||||||
|
dompurify@^2.3.6:
|
||||||
|
version "2.3.6"
|
||||||
|
resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.3.6.tgz#2e019d7d7617aacac07cbbe3d88ae3ad354cf875"
|
||||||
|
integrity sha512-OFP2u/3T1R5CEgWCEONuJ1a5+MFKnOYpkywpUSxv/dj1LeBT1erK+JwM7zK0ROy2BRhqVCf0LRw/kHqKuMkVGg==
|
||||||
|
|
||||||
easystarjs@^0.4.4:
|
easystarjs@^0.4.4:
|
||||||
version "0.4.4"
|
version "0.4.4"
|
||||||
resolved "https://registry.yarnpkg.com/easystarjs/-/easystarjs-0.4.4.tgz#8cec6d20d0d8660715da0301d1da440370a8f40a"
|
resolved "https://registry.yarnpkg.com/easystarjs/-/easystarjs-0.4.4.tgz#8cec6d20d0d8660715da0301d1da440370a8f40a"
|
||||||
|
Loading…
Reference in New Issue
Block a user