sanitize marked output with DOMPurify

Jon Schoning 2021-09-26 13:47:20 -05:00
parent db00a1365c
commit 3ecb38b89a
No known key found for this signature in database
GPG key ID: F356416A06AC0A60
9 changed files with 9681 additions and 34 deletions

9679
purs/package-lock.json generated

File diff suppressed because it is too large Load diff


@ -16,5 +16,7 @@
"spago": "^0.20.3", "spago": "^0.20.3",
"terser": "^5.7.2" "terser": "^5.7.2"
}, },
"dependencies": {} "dependencies": {
"dompurify": "^2.3.3"
}
} }


@ -15,15 +15,6 @@ exports._closest = function(just, nothing, selector, el) {
} }
} }
exports._innerHtml = function(el) {
return el.innerHTML;
}
exports._setInnerHtml = function(content, el) {
el.innerHTML = content;
return el;
}
exports._createFormData = function(formElement) { exports._createFormData = function(formElement) {
return new FormData(formElement); return new FormData(formElement);
} }


@ -51,16 +51,6 @@ foreign import _mmoment8601 :: forall a. Fn4 (a -> Maybe a) (Maybe a) (String ->
mmoment8601 :: String -> Maybe (Tuple String String) mmoment8601 :: String -> Maybe (Tuple String String)
mmoment8601 s = runFn4 _mmoment8601 Just Nothing Tuple s mmoment8601 s = runFn4 _mmoment8601 Just Nothing Tuple s
foreign import _innerHtml :: EffectFn1 HTMLElement String
innerHtml :: HTMLElement -> Effect String
innerHtml n = runEffectFn1 _innerHtml n
foreign import _setInnerHtml :: EffectFn2 String HTMLElement HTMLElement
setInnerHtml :: String -> HTMLElement -> Effect HTMLElement
setInnerHtml c n = runEffectFn2 _setInnerHtml c n
foreign import _createFormData :: Fn1 HTMLFormElement FormData foreign import _createFormData :: Fn1 HTMLFormElement FormData
createFormData :: HTMLFormElement -> FormData createFormData :: HTMLFormElement -> FormData


@ -1,4 +1,5 @@
var marked = require("marked"); var marked = require("marked");
var DOMPurify = require("dompurify");
marked.setOptions({ marked.setOptions({
pedantic: false, pedantic: false,
@ -7,5 +8,5 @@ marked.setOptions({
exports.markedImpl = function(str) { exports.markedImpl = function(str) {
if (!str) return ""; if (!str) return "";
return marked(str); return DOMPurify.sanitize(marked(str));
}; };
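Review bot: `markedImpl` returns whatever `DOMPurify.sanitize` gives back without checking `DOMPurify.isSupported`, the flag DOMPurify uses to report whether it can sanitize in the current environment. As far as I recall, the 2.x line selected by the `^2.3.3` range in this commit returns the input unchanged when that flag is false, so the raw `marked(str)` output would still reach whatever inserts this string as HTML. The wrapper should fail closed by replacing the existing guard with `if (!str || !DOMPurify.isSupported) return "";`. A comment above `exports.markedImpl` should also state the contract, for example `// Returns sanitized HTML; insert it as-is and never concatenate unsanitized markup onto it.` The `marked.setOptions` call is only partly visible between the two hunks, so its remaining options could not be reviewed here.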

File diff suppressed because one or more lines are too long

Binary file not shown.

File diff suppressed because one or more lines are too long

Binary file not shown.