npm - @optimiser/common - Versions diffs - 1.0.399 → 1.0.400 - Mend

@optimiser/common 1.0.399 → 1.0.400

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/lib/utility.js +22 -9
package/package.json +1 -1

package/dist/lib/utility.js CHANGED Viewed

@@ -4760,14 +4760,27 @@ function IsAnotherObjectField(pageData, fieldName) {
     }
     return false;
 }
-var CustomSanitizeHtml = function (dirtyHtml) {
-    var sanitizeHtmlContent = (0, sanitize_html_1.default)(dirtyHtml, {
-        allowedTags: sanitize_html_1.default.defaults.allowedTags,
-        allowedAttributes: {
-            '*': ['class'], // Allow 'class' attribute on all tags
-        } // QPC-9587 sanitized html allowed class attribute
-    });
-    return sanitizeHtmlContent.replace(/&amp;/g, '&').replace(/&lt;/g, '<').replace(/&gt;/g, '>');
+var CustomSanitizeHtml = function (dirtyHtml, uiDataType) {
+    // Define default sanitization options
+    var defaultOptions = {
+        allowedTags: sanitize_html_1.default.defaults.allowedTags || false, // Use an empty array if defaults are unavailable
+        allowedAttributes: false
+    };
+    // Determine sanitization options based on uiDataType
+    var sanitizeOptions = (uiDataType === 'texteditor') ? defaultOptions : {};
+    try {
+        // Sanitize the HTML content
+        var sanitizedHtmlContent = (0, sanitize_html_1.default)(dirtyHtml, sanitizeOptions);
+        // Replace HTML entities with their characters (use caution)
+        return sanitizedHtmlContent
+            .replace(/&amp;/g, '&')
+            .replace(/&lt;/g, '<')
+            .replace(/&gt;/g, '>');
+    }
+    catch (error) {
+        console.error('Sanitization failed:', error);
+        return ''; // Return empty string or handle error as needed
+    }
 };
 /*
 * Created by:  Nirbhay as on 01-09-22
@@ -4839,7 +4852,7 @@ function ValidateUserInput(options) {
                                     if (!field) return [3 /*break*/, 58];
                                     //sanitizing Html and added IgnoreSanitizeHtml condition so that it can be ignored for certain fields
                                     if (!field.IgnoreSanitizeHtml && IsStringValue(fieldData)) {
-                                        inputFields[fieldName] = CustomSanitizeHtml(fieldData);
+                                        inputFields[fieldName] = CustomSanitizeHtml(fieldData, field.UIDataType);
                                         fieldData = inputFields[fieldName];
                                     }
                                     if (field.DisableValidateUserInput) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@optimiser/common",
-  "version": "1.0.399",
+  "version": "1.0.400",
   "description": "",
   "main": "dist/index.js",
   "scripts": {