liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: sanitize markdown preview on content change

Browse Source
This commit is contained in:
NGPixel
2020-05-01 00:55:31 -04:00
parent fd91565e61
commit 05e8a71cef
3 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
client/components/editor/editor-markdown.vue
View File

@@ -184,6 +184,7 @@ import _ from 'lodash'
import { get, sync } from 'vuex-pathify'
import markdownHelp from './markdown/help.vue'
import gql from 'graphql-tag'
import DOMPurify from 'dompurify'
/* global siteConfig, siteLangs */
@@ -395,7 +396,7 @@ export default {
onCmInput: _.debounce(function (newContent) {
linesMap = []
this.$store.set('editor/content', newContent)
this.previewHTML = md.render(newContent)
this.previewHTML = DOMPurify.sanitize(md.render(newContent))
this.$nextTick(() => {
this.renderMermaidDiagrams()
Prism.highlightAllUnder(this.$refs.editorPreview)