mirrors/homebox
1
0
Fork 1
mirror of https://github.com/hay-kot/homebox.git synced 2025-08-06 01:20:31 +00:00
Code Issues Projects Releases Packages Wiki Activity

sanitize markup

Browse source
This commit is contained in:
Hayden 2022-12-02 15:57:02 -09:00
parent 228e55a17c
commit 1ad2b32d18
No known key found for this signature in database
GPG key ID: 17CF79474E257545
4 changed files with 13 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
frontend/components/global/DetailsSection/DetailsSection.vue
View file

@ -33,11 +33,11 @@
</template> </template>
<script setup lang="ts"> <script setup lang="ts">
import type { CustomDetail, Detail } from "./types"; import type { AnyDetail, Detail } from "./types";
defineProps({ defineProps({
details: { details: {
type: Object as () => (Detail | CustomDetail)[], type: Object as () => (Detail | AnyDetail)[],
required: true, required: true,
}, },
}); });

5
frontend/components/global/Markdown.vue
View file

@ -1,5 +1,6 @@
<script setup lang="ts"> <script setup lang="ts">
import MarkdownIt from "markdown-it"; import MarkdownIt from "markdown-it";
import DOMPurify from 'dompurify';
type Props = { type Props = {
source: string; source: string;
@ -13,8 +14,10 @@
typographer: true, typographer: true,
}); });
const raw = computed(() => { const raw = computed(() => {
return md.render(props.source); const html = md.render(props.source);
return DOMPurify.sanitize(html);
}); });
</script> </script>

1
frontend/package.json
View file

@ -37,6 +37,7 @@
"@vueuse/nuxt": "^9.1.1", "@vueuse/nuxt": "^9.1.1",
"autoprefixer": "^10.4.8", "autoprefixer": "^10.4.8",
"daisyui": "^2.24.0", "daisyui": "^2.24.0",
"dompurify": "^2.4.1",
"markdown-it": "^13.0.1", "markdown-it": "^13.0.1",
"pinia": "^2.0.21", "pinia": "^2.0.21",
"postcss": "^8.4.16", "postcss": "^8.4.16",

6
frontend/pnpm-lock.yaml generated
View file

@ -14,6 +14,7 @@ specifiers:
'@vueuse/nuxt': ^9.1.1 '@vueuse/nuxt': ^9.1.1
autoprefixer: ^10.4.8 autoprefixer: ^10.4.8
daisyui: ^2.24.0 daisyui: ^2.24.0
dompurify: ^2.4.1
eslint: ^8.23.0 eslint: ^8.23.0
eslint-config-prettier: ^8.5.0 eslint-config-prettier: ^8.5.0
eslint-plugin-prettier: ^4.2.1 eslint-plugin-prettier: ^4.2.1
@ -40,6 +41,7 @@ dependencies:
'@vueuse/nuxt': 9.6.0_34m4vklv7wytvv7hkkggjs6mui '@vueuse/nuxt': 9.6.0_34m4vklv7wytvv7hkkggjs6mui
autoprefixer: 10.4.13_postcss@8.4.19 autoprefixer: 10.4.13_postcss@8.4.19
daisyui: 2.42.1_2lwn2upnx27dqeg6hqdu7sq75m daisyui: 2.42.1_2lwn2upnx27dqeg6hqdu7sq75m
dompurify: 2.4.1
markdown-it: 13.0.1 markdown-it: 13.0.1
pinia: 2.0.27_mgnvym7yiazkylwwogi5r767ue pinia: 2.0.27_mgnvym7yiazkylwwogi5r767ue
postcss: 8.4.19 postcss: 8.4.19
@ -2244,6 +2246,10 @@ packages:
dependencies: dependencies:
domelementtype: 2.3.0 domelementtype: 2.3.0
/dompurify/2.4.1:
resolution: {integrity: sha512-ewwFzHzrrneRjxzmK6oVz/rZn9VWspGFRDb4/rRtIsM1n36t9AKma/ye8syCpcw+XJ25kOK/hOG7t1j2I2yBqA==}
dev: false
/domutils/2.8.0: /domutils/2.8.0:
resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==} resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==}
dependencies: dependencies: