Add sanitize-html on front-end when pasting into a comment field

So that only allowed tags are inputted into a comment, when copying from elsewhere Closes #836 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-11-13 15:45:05 +01:00
parent 3d2fea6bb8
commit cf7744ab51
3 changed files with 48 additions and 2 deletions
--- a/js/package.json
+++ b/js/package.json
@@ -50,6 +50,7 @@
    "p-debounce": "^4.0.0",
    "phoenix": "^1.6",
    "register-service-worker": "^1.7.2",
+    "sanitize-html": "^2.5.3",
    "tippy.js": "^6.2.3",
    "unfetch": "^4.2.0",
    "v-tooltip": "^2.1.3",
@@ -74,6 +75,7 @@
    "@types/prosemirror-model": "^1.7.2",
    "@types/prosemirror-state": "^1.2.4",
    "@types/prosemirror-view": "^1.11.4",
+    "@types/sanitize-html": "^2.5.0",
    "@typescript-eslint/eslint-plugin": "^5.3.0",
    "@typescript-eslint/parser": "^5.3.0",
    "@vue/cli-plugin-babel": "~5.0.0-rc.0",