From aefc85bb0fe1d4851aa59ea650d7b9eae1fefb93 Mon Sep 17 00:00:00 2001
From: seaerchin
Date: Fri, 31 Mar 2023 15:50:48 +0800
Subject: [PATCH] fix(sanitize): use same setup for dompurify as FE
---
 src/services/utilServices/Sanitizer.ts | 42 ++++++++++++++++++++++++++
 src/utils/file-upload-utils.js | 11 ++++---
 src/utils/markdown-utils.js | 10 +++---
 src/utils/yaml-utils.ts | 7 +++--
 4 files changed, 57 insertions(+), 13 deletions(-)
 create mode 100644 src/services/utilServices/Sanitizer.ts
diff --git a/src/services/utilServices/Sanitizer.ts b/src/services/utilServices/Sanitizer.ts
new file mode 100644
index 000000000..741306547
--- /dev/null
+++ b/src/services/utilServices/Sanitizer.ts
@@ -0,0 +1,42 @@
+import DOMPurify from "isomorphic-dompurify"
+
+DOMPurify.setConfig({
+ ADD_TAGS: ["iframe", "#comment", "script"],
+ ADD_ATTR: [
+ "allow",
+ "allowfullscreen",
+ "frameborder",
+ "scrolling",
+ "marginheight",
+ "marginwidth",
+ "target",
+ "async",
+ ],
+ // required in case