refactor: sanitize HTML function (#8307)

* refactor: replace isomorphic-dompurify with sanitize-html

* dompurify fixes

* more fixes with fallback and title

* build

---------

Co-authored-by: Prateek Shourya <prateekshourya29@gmail.com>
M. Palanikannan 2025-12-11 13:30:31 +05:30 committed by GitHub
parent 76ebf395e6
commit e0c97c5471
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
14 changed files with 235 additions and 260 deletions


@ -27,7 +27,6 @@
"@plane/types": "workspace:*",
"clsx": "^2.1.1",
"date-fns": "^4.1.0",
"dompurify": "3.2.7",
"hast": "^1.0.0",
"hast-util-to-mdast": "^10.1.2",
"lodash-es": "catalog:",
@ -38,6 +37,7 @@
"rehype-remark": "^10.0.1",
"remark-gfm": "^4.0.1",
"remark-stringify": "^11.0.0",
"sanitize-html": "2.17.0",
"tailwind-merge": "^2.5.5",
"unified": "^11.0.5",
"uuid": "catalog:"
@ -49,6 +49,7 @@
"@types/mdast": "^4.0.4",
"@types/node": "catalog:",
"@types/react": "catalog:",
"@types/sanitize-html": "2.16.0",
"tsdown": "catalog:",
"typescript": "catalog:"
},


@ -1,4 +1,4 @@
import DOMPurify from "dompurify";
import sanitizeHtml from "sanitize-html";
import type { Content, JSONContent } from "@plane/types";
/**
@ -120,7 +120,7 @@ const text = stripHTML(html);
console.log(text); // Some text
*/
export const sanitizeHTML = (htmlString: string) => {
const sanitizedText = DOMPurify.sanitize(htmlString, { ALLOWED_TAGS: [] }); // sanitize the string to remove all HTML tags
const sanitizedText = sanitizeHtml(htmlString, { allowedTags: [] }); // sanitize the string to remove all HTML tags
return sanitizedText.trim(); // trim the string to remove leading and trailing whitespaces
};
@ -155,8 +155,8 @@ export const checkEmailValidity = (email: string): boolean => {
};
export const isEmptyHtmlString = (htmlString: string, allowedHTMLTags: string[] = []) => {
// Remove HTML tags using DOMPurify
const cleanText = DOMPurify.sanitize(htmlString, { ALLOWED_TAGS: allowedHTMLTags });
// Remove HTML tags using sanitize-html
const cleanText = sanitizeHtml(htmlString, { allowedTags: allowedHTMLTags });
// Trim the string and check if it's empty
return cleanText.trim() === "";
};
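Review bot: `sanitizeHTML` still carries only the inline comment "remove all HTML tags", and its doc comment starts outside the hunk, so nothing visible here states what the returned string is safe for after the library swap. With `allowedTags: []`, sanitize-html returns entity-escaped text (an input `&` comes back as `&amp;`) and by default discards the content of `script`, `style`, `textarea` and `option` elements. The result therefore suits an HTML text context; in a plain-text sink it would show the entities literally, and it should not be relied on inside attribute or URL contexts. I would add a doc line such as `Returns entity-escaped text with every tag removed; for HTML text context only.` and a unit test that pins the output for an input like `a & <b>b</b>`, so a later library change cannot silently alter the contract. In `isEmptyHtmlString`, sanitize-html's default attribute and scheme allow-lists now apply to the caller-supplied `allowedHTMLTags`, so the comment there should say `cleanText` is used only for the emptiness check and must never be returned or rendered.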