Sanitize markdown HTML output with DOMPurify to prevent XSS (#658)

2026-06-07 16:13:55 +02:00 · 2026-04-15 04:22:38 +02:00
parent b2d77faa6c
commit 812f8b6314
6 changed files with 1299 additions and 3 deletions
@@ -58,6 +58,7 @@
    "express-slow-down": "^2.0.1",
    "got": "^11.8.6",
    "inquirer": "^8.2.6",
+    "isomorphic-dompurify": "^3.8.0",
    "istextorbinary": "^9.5.0",
    "marked": "^5.1.2",
    "mime-types": "^2.1.35",
@@ -86,6 +87,7 @@
    "@types/passport": "^1.0.16",
    "@types/passport-github2": "^1.2.9",
    "@types/unzip-stream": "^0.3.4",
+    "chai": "^4.5.0",
    "gulp": "^5.0.0",
    "gulp-clean-css": "^4.3.0",
    "gulp-concat": "^2.6.1",