refactor: move shared utilities to lib/shared/ sub-packages
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marcel
17
frontend/src/lib/shared/utils/sanitize.ts
Normal file
17
frontend/src/lib/shared/utils/sanitize.ts
Normal file
@@ -0,0 +1,17 @@
|
||||
import DOMPurify from 'isomorphic-dompurify';
|
||||
|
||||
const ALLOWED_TAGS = ['p', 'br', 'strong', 'em', 'h2', 'h3', 'ul', 'ol', 'li'];
|
||||
|
||||
/**
|
||||
* Render-side sanitiser for Geschichte body HTML. The backend already
|
||||
* sanitises with the OWASP allow-list on save, but we re-run on render
|
||||
* because the API can be called directly and stored content can pre-date
|
||||
* a tightening of the allow-list.
|
||||
*/
|
||||
export function safeHtml(raw: string | null | undefined): string {
|
||||
if (!raw) return '';
|
||||
return DOMPurify.sanitize(raw, {
|
||||
ALLOWED_TAGS,
|
||||
ALLOWED_ATTR: []
|
||||
});
|
||||
}
|
||||
Reference in New Issue
Block a user