wikijs-fork/server/modules/rendering/html-security/renderer.js

25 lines
597 B
JavaScript
Raw Normal View History

const { JSDOM } = require('jsdom')
const createDOMPurify = require('dompurify')
2018-09-16 04:35:03 +00:00
2019-12-12 04:35:54 +00:00
module.exports = {
async init(input, config) {
if (config.safeHTML) {
const window = new JSDOM('').window
const DOMPurify = createDOMPurify(window)
const allowedAttrs = ['v-pre', 'v-slot:tabs', 'v-slot:content', 'target']
const allowedTags = ['tabset', 'template']
if (config.allowIFrames) {
allowedTags.push('iframe')
}
input = DOMPurify.sanitize(input, {
ADD_ATTR: allowedAttrs,
ADD_TAGS: allowedTags
2019-12-12 04:35:54 +00:00
})
}
return input
2018-09-16 04:35:03 +00:00
}
}