skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added purify for html sanitization

Browse source
This commit is contained in:
Michael House 2022-06-05 10:58:17 -05:00
parent bce836bf81
commit bce168c295
3 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
files/assets/js/marked.custom.js
View file

@ -185,8 +185,7 @@ function safeMarkdown(input) {
// return tokenToHTMLElement(outputToken); // return tokenToHTMLElement(outputToken);
const html = marked.parse(input); const html = marked.parse(input);
console.log(html); return DOMPurify.sanitize(html);
return html;
} }
setTimeout(() => markdown('post-text','preview'), 200); setTimeout(() => markdown('post-text','preview'), 200);

3
files/assets/js/vendor/purify.min.js vendored Normal file
View file

File diff suppressed because one or more lines are too long

1
files/templates/submit.html
View file

@ -181,6 +181,7 @@
</script> </script>
{% endif %} {% endif %}
<script src="/assets/js/vendor/purify.min.js?v=251"></script>
<script src="/assets/js/vendor/marked.min.js?v=251"></script> <script src="/assets/js/vendor/marked.min.js?v=251"></script>
<script src="/assets/js/marked.custom.js?v=251"></script> <script src="/assets/js/marked.custom.js?v=251"></script>
<script src="/assets/js/formatting.js?v=240"></script> <script src="/assets/js/formatting.js?v=240"></script>