@optimiser/common 1.0.384 → 1.0.385
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/utility.js +14 -1
- package/package.json +1 -1
package/dist/lib/utility.js
CHANGED
|
@@ -4735,6 +4735,19 @@ function IsAnotherObjectField(pageData, fieldName) {
|
|
|
4735
4735
|
}
|
|
4736
4736
|
return false;
|
|
4737
4737
|
}
|
|
4738
|
+
var CustomSanitizeHtml = function (dirtyHtml) {
|
|
4739
|
+
return (0, sanitize_html_1.default)(dirtyHtml, {
|
|
4740
|
+
allowedTags: sanitize_html_1.default.defaults.allowedTags.concat(['body']), // Preserve <body> tag
|
|
4741
|
+
allowedAttributes: {
|
|
4742
|
+
'*': ['href', 'align', 'alt', 'center', 'bgcolor', 'src', 'title', 'width'],
|
|
4743
|
+
},
|
|
4744
|
+
allowedSchemes: ['http', 'https', 'mailto'], // Allow URLs with these schemes
|
|
4745
|
+
textFilter: function (text) { return text; }, // Keep special characters like & intact
|
|
4746
|
+
parser: {
|
|
4747
|
+
decodeEntities: false, // Prevent converting & to &
|
|
4748
|
+
},
|
|
4749
|
+
});
|
|
4750
|
+
};
|
|
4738
4751
|
/*
|
|
4739
4752
|
* Created by: Nirbhay as on 01-09-22
|
|
4740
4753
|
* This is a common function and used to validate user input format.
|
|
@@ -4805,7 +4818,7 @@ function ValidateUserInput(options) {
|
|
|
4805
4818
|
if (!field) return [3 /*break*/, 58];
|
|
4806
4819
|
//sanitizing Html and added IgnoreSanitizeHtml condition so that it can be ignored for certain fields
|
|
4807
4820
|
if (!field.IgnoreSanitizeHtml && IsStringValue(fieldData)) {
|
|
4808
|
-
inputFields[fieldName] = (
|
|
4821
|
+
inputFields[fieldName] = CustomSanitizeHtml(fieldData);
|
|
4809
4822
|
fieldData = inputFields[fieldName];
|
|
4810
4823
|
}
|
|
4811
4824
|
if (field.DisableValidateUserInput) {
|