marcel/mermaid
1
0
Fork 0
mirror of https://github.com/mermaid-js/mermaid.git synced 2025-11-03 20:34:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master'

Browse Source 
Conflicts:
	cypress/platform/xss7.html
This commit is contained in:
Knut Sveidqvist
2021-09-29 08:51:54 +02:00
parent 75b79e1b23 f91920ab90
commit 35d8f33542
4 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/diagrams/common/common.js
View File

@@ -29,10 +29,11 @@ export const removeScript = (txt) => {
}
}
rs = rs.replace(/javascript:/g, '#');
rs = rs.replace(/onerror=/g, 'onerror:');
rs = rs.replace(/<iframe/g, '');
rs = rs.replace(/script>/gi, '#');
rs = rs.replace(/script>/gi, '#');
rs = rs.replace(/javascript:/gi, '#');
rs = rs.replace(/onerror=/gi, 'onerror:');
rs = rs.replace(/<iframe/gi, '');
return rs;
};
@@ -64,7 +65,7 @@ const sanitizeMore = (text, config) => {
};
export const sanitizeText = (text, config) => {
const txt = sanitizeMore(DOMPurify.sanitize(text), config);
const txt = DOMPurify.sanitize(sanitizeMore(text, config));
return txt;
};