Sanitize dangerous Markdown #46

Open
5 tasks
morioprog opened this issue Mar 24, 2021 · 0 comments
Labels: bug (Something isn't working), low priority

morioprog (Collaborator) commented Mar 24, 2021

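Overview

By default, marked also lets dangerous Markdown through, so I want to fix this.

Affected files

  • pages/post/new.tsx
  • components/CommentCard.tsx
  • components/PostCard.tsx

Tasks

  • Introduce DOMPurify
    • yarn add dompurify @types/dompurify
  • Create something like utils/md2html.ts
    • Internally, pass the output of marked to DOMPurify
    • From then on, import this whenever converting Markdown

References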

morioprog added the bug (Something isn't working) label Mar 24, 2021
morioprog self-assigned this Mar 24, 2021
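
A regression check for the helper proposed in the task list, added here as an example and not code from this repository: it scans rendered HTML for constructs that sanitization should have removed. The name `findUnsafeHtml`, the tag and attribute lists, and both sample strings are assumptions constructed for illustration; the scan is a test aid (it does not decode HTML entities) and does not replace DOMPurify.

```typescript
// Added example, not project code. findUnsafeHtml and the samples are constructed.
type Finding = { rule: string; match: string };

// Assumption: elements that should never appear in rendered posts or comments.
const BLOCKED_TAGS = ["script", "iframe", "object", "embed", "base"];
// Attributes whose value is a URL the browser will load or navigate to.
const URL_ATTRS = ["href", "src", "xlink:href", "action", "formaction"];

function findUnsafeHtml(html: string): Finding[] {
  const findings: Finding[] = [];
  // Opening tags: group 1 is the tag name, group 2 the raw attribute text.
  const tagRe = /<([a-zA-Z][a-zA-Z0-9:-]*)((?:"[^"]*"|'[^']*'|[^'">])*)>/g;
  let tag: RegExpExecArray | null;
  while ((tag = tagRe.exec(html)) !== null) {
    const name = tag[1].toLowerCase();
    if (BLOCKED_TAGS.indexOf(name) !== -1) {
      findings.push({ rule: "blocked-tag", match: name });
    }
    // Attributes: name, then an optional double-quoted, single-quoted or bare value.
    const attrRe = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
    let attr: RegExpExecArray | null;
    while ((attr = attrRe.exec(tag[2])) !== null) {
      const attrName = attr[1].toLowerCase();
      const value = attr[2] || attr[3] || attr[4] || "";
      if (attrName.indexOf("on") === 0) {
        findings.push({ rule: "event-handler", match: attrName });
      }
      // URL parsers drop tabs and newlines, so strip whitespace and
      // control characters before comparing the scheme.
      const scheme = value.replace(/[\s\u0000-\u001f]/g, "").toLowerCase();
      if (URL_ATTRS.indexOf(attrName) !== -1 && /^(javascript|vbscript):/.test(scheme)) {
        findings.push({ rule: "script-url", match: attrName });
      }
    }
  }
  return findings;
}

// Constructed samples: renderer output with inline HTML passed through
// unchanged, and the same content after sanitization.
const UNSANITIZED_SAMPLE =
  '<p><img src="x" onerror="alert(1)"> <a href="javascript:alert(1)">link</a></p>' +
  "<script>alert(1)</script>";
const SANITIZED_SAMPLE = '<p><img src="x"> <a>link</a></p>';
```

In a unit test for the helper, run each dangerous input through the function exported by `utils/md2html.ts` and require that `findUnsafeHtml` returns an empty list for the result.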