modification pour mac
This commit is contained in:
@@ -1,17 +1,25 @@
|
||||
import DOMPurify from 'isomorphic-dompurify';
|
||||
import sanitizeHtml from 'sanitize-html';
|
||||
|
||||
/**
|
||||
* Sanitizes HTML content to prevent XSS attacks.
|
||||
* Use this before passing content to dangerouslySetInnerHTML.
|
||||
*/
|
||||
export function sanitizeHTML(html: string): string {
|
||||
return DOMPurify.sanitize(html, {
|
||||
USE_PROFILES: { html: true },
|
||||
ALLOWED_TAGS: [
|
||||
if (!html) return '';
|
||||
|
||||
return sanitizeHtml(html, {
|
||||
allowedTags: [
|
||||
'p', 'br', 'b', 'i', 'em', 'strong', 'a', 'ul', 'ol', 'li',
|
||||
'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'blockquote', 'span', 'div',
|
||||
'img', 'table', 'thead', 'tbody', 'tr', 'th', 'td'
|
||||
],
|
||||
ALLOWED_ATTR: ['href', 'target', 'rel', 'src', 'alt', 'class', 'style']
|
||||
allowedAttributes: {
|
||||
'a': ['href', 'target', 'rel'],
|
||||
'img': ['src', 'alt'],
|
||||
'*': ['class', 'style']
|
||||
},
|
||||
selfClosing: ['img', 'br', 'hr', 'area', 'base', 'basefont', 'input', 'link', 'meta'],
|
||||
// Standard URLs only
|
||||
allowedSchemes: ['http', 'https', 'ftp', 'mailto', 'tel'],
|
||||
});
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user