import DOMPurify from 'dompurify'
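/**
 * DOMPurify configuration shared by every call: an explicit allow-list of
 * tags and attributes, and no `data-*` passthrough. Anything not listed is
 * stripped. Note that `style` admits arbitrary inline CSS (DOMPurify does not
 * filter CSS values), and `src`/`href` are only URI-scheme checked by
 * DOMPurify's defaults — drop them here if the consumer does not need them.
 */
const SANITIZE_OPTIONS = Object.freeze({
  ALLOWED_TAGS: [
    'p', 'br', 'strong', 'em', 'u', 's', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
    'ul', 'ol', 'li', 'a', 'img', 'blockquote', 'code', 'pre', 'span', 'div',
    'table', 'thead', 'tbody', 'tr', 'th', 'td',
  ],
  ALLOWED_ATTR: [
    'href', 'src', 'alt', 'title', 'class', 'id', 'width', 'height', 'style',
  ],
  ALLOW_DATA_ATTR: false,
});

/**
 * Sanitizes untrusted HTML with DOMPurify before it is rendered, so that
 * script-bearing markup cannot reach `v-html` / `innerHTML`.
 *
 * Fails closed: when DOMPurify has no DOM to work with (for example during
 * server-side rendering without a DOM shim) it reports `isSupported === false`
 * and would otherwise hand the input back unsanitized; in that case this
 * returns an empty string instead of unsanitized markup.
 *
 * @param {string} html - The HTML content to sanitize; non-strings and empty
 *   strings yield ''.
 * @returns {string} The sanitized HTML, or '' when input is invalid or no
 *   sanitizer is available.
 */
export function useSanitizeHtml(html) {
  if (typeof html !== 'string' || html.length === 0) {
    return '';
  }
  // Never pass markup through unsanitized when DOMPurify cannot run.
  if (!DOMPurify.isSupported) {
    return '';
  }
  return DOMPurify.sanitize(html, SANITIZE_OPTIONS);
}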