Commit
•
0ca99f1
1
Parent(s):
b7f9ccb
add basic html sanitizing (#40)
Browse files* add basic html sanitizing
* fix prose overriding styling of code block
* lazy load HTML sanitizer
* simplify sanitization
* make sure sanitizedContent is kicking in on prop changes
Co-authored-by: Eliott C. <coyotte508@gmail.com>
* fix reactive statement not running on SSR
---------
Co-authored-by: Eliott C. <coyotte508@gmail.com>
src/lib/components/chat/ChatMessage.svelte
CHANGED
@@ -6,6 +6,10 @@
|
|
6 |
|
7 |
import CopyToClipBoardBtn from '../CopyToClipBoardBtn.svelte';
|
8 |
|
|
|
|
|
|
|
|
|
9 |
export let message: Message;
|
10 |
let html = '';
|
11 |
let el: HTMLElement;
|
@@ -49,9 +53,9 @@
|
|
49 |
renderer
|
50 |
};
|
51 |
|
52 |
-
$: browser && marked(message.content, options, handleParsed);
|
53 |
|
54 |
-
html = marked(message.content, options);
|
55 |
|
56 |
afterUpdate(() => {
|
57 |
if (el) {
|
@@ -83,7 +87,7 @@
|
|
83 |
class="mt-5 w-3 h-3 flex-none rounded-full shadow-lg"
|
84 |
/>
|
85 |
<div
|
86 |
-
class="relative rounded-2xl px-5 py-3.5 border border-gray-100 bg-gradient-to-br from-gray-50 dark:from-gray-800/40 dark:border-gray-800
|
87 |
bind:this={el}
|
88 |
>
|
89 |
{@html html}
|
|
|
6 |
|
7 |
import CopyToClipBoardBtn from '../CopyToClipBoardBtn.svelte';
|
8 |
|
9 |
+
function sanitizeMd(md: string) {
|
10 |
+
return md.replaceAll('<', '<');
|
11 |
+
}
|
12 |
+
|
13 |
export let message: Message;
|
14 |
let html = '';
|
15 |
let el: HTMLElement;
|
|
|
53 |
renderer
|
54 |
};
|
55 |
|
56 |
+
$: browser && marked(sanitizeMd(message.content), options, handleParsed);
|
57 |
|
58 |
+
html = marked(sanitizeMd(message.content), options);
|
59 |
|
60 |
afterUpdate(() => {
|
61 |
if (el) {
|
|
|
87 |
class="mt-5 w-3 h-3 flex-none rounded-full shadow-lg"
|
88 |
/>
|
89 |
<div
|
90 |
+
class="prose dark:prose-invert :prose-pre:bg-gray-100 dark:prose-pre:bg-gray-950 relative rounded-2xl px-5 py-3.5 border border-gray-100 bg-gradient-to-br from-gray-50 dark:from-gray-800/40 dark:border-gray-800 text-gray-600 dark:text-gray-300"
|
91 |
bind:this={el}
|
92 |
>
|
93 |
{@html html}
|
src/styles/main.css
CHANGED
@@ -16,7 +16,7 @@
|
|
16 |
}
|
17 |
|
18 |
.code-block {
|
19 |
-
@apply relative
|
20 |
}
|
21 |
|
22 |
.code-block > pre {
|
|
|
16 |
}
|
17 |
|
18 |
.code-block {
|
19 |
+
@apply relative rounded-lg my-4;
|
20 |
}
|
21 |
|
22 |
.code-block > pre {
|