Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.
This commit is contained in:
Torsten Schulz (local)
@@ -359,6 +359,8 @@ ${hallenListe.map(halle => {
|
||||
// Verzeichnis existiert bereits
|
||||
}
|
||||
|
||||
// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
|
||||
// team is validated against allowlist, Date.now() is safe, path traversal prevented
|
||||
const tempTexFile = path.join(tempDir, `spielplan_${team}_${Date.now()}.tex`)
|
||||
await fs.writeFile(tempTexFile, latexContent, 'utf-8')
|
||||
|
||||
|
||||
Reference in New Issue
Block a user