fix: shifted dompurify.addhook functions inside removescript
This commit is contained in:
parent
3f486ac0e1
commit
7960f94eba
|
@ -25,9 +25,6 @@ export const getRows = (s?: string): string[] => {
|
||||||
* @returns The safer text
|
* @returns The safer text
|
||||||
*/
|
*/
|
||||||
export const removeScript = (txt: string): string => {
|
export const removeScript = (txt: string): string => {
|
||||||
return DOMPurify.sanitize(txt);
|
|
||||||
};
|
|
||||||
|
|
||||||
const TEMPORARY_ATTRIBUTE = 'data-temp-href-target';
|
const TEMPORARY_ATTRIBUTE = 'data-temp-href-target';
|
||||||
|
|
||||||
DOMPurify.addHook('beforeSanitizeAttributes', (node: Element) => {
|
DOMPurify.addHook('beforeSanitizeAttributes', (node: Element) => {
|
||||||
|
@ -36,6 +33,8 @@ DOMPurify.addHook('beforeSanitizeAttributes', (node: Element) => {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const sanitizedText = DOMPurify.sanitize(txt);
|
||||||
|
|
||||||
DOMPurify.addHook('afterSanitizeAttributes', (node: Element) => {
|
DOMPurify.addHook('afterSanitizeAttributes', (node: Element) => {
|
||||||
if (node.tagName === 'A' && node.hasAttribute(TEMPORARY_ATTRIBUTE)) {
|
if (node.tagName === 'A' && node.hasAttribute(TEMPORARY_ATTRIBUTE)) {
|
||||||
node.setAttribute('target', node.getAttribute(TEMPORARY_ATTRIBUTE) || '');
|
node.setAttribute('target', node.getAttribute(TEMPORARY_ATTRIBUTE) || '');
|
||||||
|
@ -46,6 +45,9 @@ DOMPurify.addHook('afterSanitizeAttributes', (node: Element) => {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
return sanitizedText;
|
||||||
|
};
|
||||||
|
|
||||||
const sanitizeMore = (text: string, config: MermaidConfig) => {
|
const sanitizeMore = (text: string, config: MermaidConfig) => {
|
||||||
if (config.flowchart?.htmlLabels !== false) {
|
if (config.flowchart?.htmlLabels !== false) {
|
||||||
const level = config.securityLevel;
|
const level = config.securityLevel;
|
||||||
|
|
Loading…
Reference in New Issue