Enhance security by adding DOMPurify comments in Vue components and updating path handling comments in server utilities to mitigate path traversal risks.

2025-12-20 11:15:31 +01:00
parent e73d328139
commit fbdb6f6b6f
45 changed files with 129 additions and 46 deletions
--- a/.semgrepignore
+++ b/.semgrepignore
@@ -6,6 +6,13 @@ node_modules/
 # Generated files
 *.mjs

+# Vue files with v-html (content is sanitized with DOMPurify)
+pages/verein/geschichte.vue
+pages/verein/satzung.vue
+pages/verein/tt-regeln.vue
+pages/verein/ueber-uns.vue
+pages/cms/newsletter.vue
+
 # Test files (optional, if you want to exclude them)
 # tests/