import DOMPurify from 'dompurify';
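// Ensure every sanitized link carries rel="noopener". sanitize() allows the
// `target` attribute, so untrusted markup may open a new browsing context;
// noopener keeps that context from getting a window.opener handle on this page.
DOMPurify.addHook('afterSanitizeAttributes', function (node) {
  // Compare case-insensitively: anchors outside the HTML namespace report a
  // lowercase tagName and would be skipped by a strict 'A' comparison.
  if (node.tagName.toLowerCase() !== 'a') {
    return;
  }
  // rel is a whitespace-separated token list. Match whole tokens, because a
  // substring test would treat a value that merely contains "noopener" inside
  // another word as already protected.
  const relTokens = (node.getAttribute('rel') ?? '').split(/\s+/).filter(Boolean);
  const hasNoopener = relTokens.some((token) => token.toLowerCase() === 'noopener');
  if (!hasNoopener) {
    node.setAttribute('rel', [...relTokens, 'noopener'].join(' '));
  }
});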
/**
 * Run untrusted HTML through DOMPurify with this project's allow-list extensions.
 *
 * On top of DOMPurify's defaults the configuration keeps `<iframe>` elements and
 * the `target` attribute, and accepts custom elements with any tag name. On custom
 * elements, attribute names that start with `v-` or contain `:`, `@` or `#`
 * anywhere are rejected (only the `v-` alternative of the pattern is anchored).
 *
 * NOTE(review): `iframe` is allowed with no restriction on its source or a
 * `sandbox` requirement visible in this function; confirm the places that render
 * this output are meant to embed third-party frames.
 *
 * @param html Markup to clean; `null` and the empty string are returned unchanged.
 * @returns The sanitized markup, or the input itself when it is falsy.
 */
export function sanitize(html: string | null) {
  // Nothing to clean: hand null / '' straight back without calling DOMPurify.
  if (!html) {
    return html;
  }

  return DOMPurify.sanitize(html, {
    ADD_TAGS: ['iframe'],
    ADD_ATTR: ['target'],
    CUSTOM_ELEMENT_HANDLING: {
      // Every custom element tag name is accepted.
      tagNameCheck: () => true,
      // Drop Vue directive / shorthand style attribute names.
      attributeNameCheck: (name) => !/^(v-)|:|@|#/.test(name),
    },
  });
}
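/**
 * Neutralise Vue interpolation delimiters in text that will be rendered as part
 * of a Vue template, so user-supplied `{{ ... }}` is shown literally instead of
 * being evaluated as a template expression.
 *
 * Each `{{` and `}}` pair is rewritten to numeric character references. The
 * replacement has to differ from the search text: replacing `{{` with `{{`
 * returns the template unchanged and escapes nothing.
 *
 * NOTE(review): this relies on the consuming template compiler detecting
 * interpolation before it decodes character references; confirm that for the
 * Vue version in use.
 *
 * @param template Template source that may contain untrusted text.
 * @returns The template with every `{{` and `}}` replaced by its escaped form.
 */
export function sanitizeVueTemplate(template: string) {
  return template.replace(/\{\{/g, '&#123;&#123;').replace(/\}\}/g, '&#125;&#125;');
}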