Skip to content

Commit

Permalink
Revert recent DOMPurify commits.
Browse files Browse the repository at this point in the history 
This reverts commit b49ed33 and
commit 19f54c0. Fixes #234.
  • Loading branch information
@SpacingBat3
SpacingBat3 committed Aug 26, 2022
1 parent 19f54c0 commit b5a553f
Show file tree
Hide file tree
Showing 5 changed files with 10 additions and 16 deletions.
1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
"@electron/fuses": "^1.5.0",
"@reforged/maker-appimage": "^1.0.2",
"@tsconfig/node16-strictest": "^1.0.0",
"@types/dompurify": "^2.3.3",
"@types/marked": "^4.0.2",
"@types/node": "^18.6.4",
"@types/semver": "^7.3.9",
Expand Down
10 changes: 0 additions & 10 deletions sources/code/common/global.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,6 @@
* Global.ts – non-Electron depending globally-used module declarations
*/

import { sanitize as dompurify } from "dompurify";

/** Type safe wrapper around DOMPurify. */
export function sanitize(html: string, cfg: unknown): string {
const sanitizedValue:unknown = dompurify(html,cfg);
if(typeof sanitizedValue !== "string")
throw new TypeError("Sanitizer returned a non-string value!");
return sanitizedValue;
}

/**
* Outputs a fancy log message in the (DevTools) console.
*
Expand Down
3 changes: 2 additions & 1 deletion sources/code/renderer/preload/about.ts
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
import { ipcRenderer as ipc } from "electron/renderer";
import { buildInfo, sanitize, sanitizeConfig } from "../../common/global";
import { buildInfo, sanitizeConfig } from "../../common/global";
import { getAppPath, getAppHash } from "../../common/modules/electron";
import { resolve } from "path";
import L10N from "../../common/modules/l10n";
import packageJson, { PackageJSON, Person } from "../../common/modules/package";
import { createHash } from "crypto";
import { sanitize } from "dompurify";
import { appInfo, defaultBuildInfo } from "../../common/modules/client";

/**
Expand Down
5 changes: 3 additions & 2 deletions sources/code/renderer/preload/docs.ts
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
import { marked } from "marked";
import { sanitize } from "dompurify";
import { basename, relative, resolve } from "path";
import { existsSync, readFileSync } from "fs";
import { pathToFileURL, fileURLToPath } from "url";
import { protocols, sanitize } from "../../common/global";
import { protocols } from "../../common/global";
import * as _hljsmodule from "highlight.js";

const htmlFileUrl = document.URL;
Expand Down Expand Up @@ -40,7 +41,7 @@ function getId(url:string) {
}

function loadMarkdown(mdBody: HTMLElement, mdFile: string) {
mdBody.innerHTML = sanitize(marked.parse(readFileSync(mdFile).toString()), {});
mdBody.innerHTML = sanitize(marked.parse(readFileSync(mdFile).toString()));
}

function setBody(mdBody: HTMLElement, mdHeader: HTMLElement, mdFile: string, mdArticle: HTMLElement) {
Expand Down
7 changes: 4 additions & 3 deletions sources/code/renderer/preload/settings.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ import { ipcRenderer } from "electron/renderer";
import type { htmlConfig } from "../../main/windows/settings";
import type { ConfigElement } from "../../main/modules/config";
import { getBuildInfo } from "../../common/modules/client";
import { wLog, sanitize, sanitizeConfig, knownInstancesList } from "../../common/global";
import { wLog, sanitizeConfig, knownInstancesList } from "../../common/global";
import { sanitize } from "dompurify";

type keys = <T>(o:T) => (keyof T)[];

Expand Down Expand Up @@ -68,9 +69,9 @@ function generateSettings(optionsGroups: htmlConfig) {
const pDesc = document.createElement("p");
const formContainer = document.createElement("form");

h2.innerHTML = sanitize(setting.name, {});
h2.innerHTML = sanitize(setting.name);
pDesc.classList.add("description");
pDesc.innerHTML = sanitize(setting.description, {} as unknown);
pDesc.innerHTML = sanitize(setting.description);
formContainer.classList.add("settingsContainer");

if("radio" in setting) {
Expand Down

0 comments on commit b5a553f

Please sign in to comment.