@buerokratt-ria/common-gui-components 0.0.36 → 0.0.37

package/CHANGELOG.md

@@ -4,6 +4,10 @@ All changes to this project will be documented in this file.
 
 ## Template [MajorVersion.MediterraneanVersion.MinorVersion] - DD-MM-YYYY
 
+## [0.0.37] - 19.01.2026
+
+- Added Sanitization to Markdownify
+
 ## [0.0.36] - 14.01.2026
 
 - Hide $backoffice, $validate_ and $general_knowledge from end user

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@buerokratt-ria/common-gui-components",
-  "version": "0.0.36",
+  "version": "0.0.37",
   "description": "Common GUI components and pre defined templates.",
   "main": "index.ts",
   "author": "ExiRai",
@@ -59,7 +59,9 @@
     "use-debounce": "^10.0.1",
     "usehooks-ts": "^2.9.1",
     "uuid": "^9.0.0",
-    "zustand": "^4.4.4"
+    "zustand": "^4.4.4",
+    "sanitize-html": "^2.17.0",
+    "@types/sanitize-html": "^2.16.0"
   },
   "devDependencies": {
     "@buerokratt-ria/header": "^0.1.20",
@@ -118,6 +120,8 @@
     "@types/react": "^18.0.26",
     "@types/react-cookies": "^0.1.3",
     "@types/react-dom": "^18.0.9",
-    "typescript": "^5.7.3"
+    "typescript": "^5.7.3",
+    "sanitize-html": "^2.17.0",
+    "@types/sanitize-html": "^2.16.0"
   }
 }

package/ui-components/Chat/Markdownify.tsx

@@ -1,6 +1,6 @@
 import React, { useState } from "react";
 import Markdown from "markdown-to-jsx";
-import "./Chat.scss";
+import sanitizeHtml from "sanitize-html";
 
 interface MarkdownifyProps {
   message: string | undefined;
@@ -44,9 +44,11 @@ const LinkPreview: React.FC<{
 const hasSpecialFormat = (m: string) => m.includes("\n\n") && m.indexOf(".") > 0 && m.indexOf(":") > m.indexOf(".");
 
 function formatMessage(message?: string): string {
-  if (!message) return "";
+  const sanitizedMessage = sanitizeHtml(message ?? "");
 
-  const filteredMessage = message
+  if (!sanitizedMessage) return "";
+
+  const filteredMessage = sanitizedMessage
     .replaceAll(/\\?\$b\w*/g, "")
     .replaceAll(/\\?\$v\w*/g, "")
     .replaceAll(/\\?\$g\w*/g, "");