@salesforcedevs/docs-components 1.14.4 → 1.14.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@salesforcedevs/docs-components",
|
|
3
|
-
"version": "1.14.
|
|
3
|
+
"version": "1.14.5",
|
|
4
4
|
"description": "Docs Lightning web components for DSC",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"main": "index.js",
|
|
@@ -13,6 +13,7 @@
|
|
|
13
13
|
"dependencies": {
|
|
14
14
|
"@api-components/amf-helper-mixin": "4.5.29",
|
|
15
15
|
"classnames": "2.5.1",
|
|
16
|
+
"dompurify": "3.2.4",
|
|
16
17
|
"kagekiri": "1.4.2",
|
|
17
18
|
"lodash.orderby": "4.6.0",
|
|
18
19
|
"lodash.uniqby": "4.7.0",
|
|
@@ -24,5 +25,5 @@
|
|
|
24
25
|
"@types/lodash.orderby": "4.6.9",
|
|
25
26
|
"@types/lodash.uniqby": "4.7.9"
|
|
26
27
|
},
|
|
27
|
-
"gitHead": "
|
|
28
|
+
"gitHead": "748ad013c195450fab83df8580f744fe4dd23857"
|
|
28
29
|
}
|
|
@@ -18,6 +18,7 @@ import { LightningElementWithState } from "dxBaseElements/lightningElementWithSt
|
|
|
18
18
|
import { logCoveoPageView, oldVersionDocInfo } from "docUtils/utils";
|
|
19
19
|
import { Breadcrumb, DocPhaseInfo, Language } from "typings/custom";
|
|
20
20
|
import { track as trackGTM } from "dxUtils/analytics";
|
|
21
|
+
import DOMPurify from "dompurify";
|
|
21
22
|
|
|
22
23
|
// TODO: Imitating from actual implementation as doc-content use it like this. We should refactor it later.
|
|
23
24
|
const handleContentError = (error: any): void => console.log(error);
|
|
@@ -425,9 +426,19 @@ export default class DocXmlContent extends LightningElementWithState<{
|
|
|
425
426
|
.catch(handleContentError);
|
|
426
427
|
}
|
|
427
428
|
|
|
429
|
+
private sanitizeUrlPart(part: string | undefined): string | undefined {
|
|
430
|
+
if (!part) {
|
|
431
|
+
return part;
|
|
432
|
+
}
|
|
433
|
+
return DOMPurify.sanitize(part);
|
|
434
|
+
}
|
|
435
|
+
|
|
428
436
|
getReferenceFromUrl(): PageReference {
|
|
429
437
|
const [page, docId, deliverable, contentDocumentId] =
|
|
430
|
-
window.location.pathname
|
|
438
|
+
window.location.pathname
|
|
439
|
+
.substr(1)
|
|
440
|
+
.split("/")
|
|
441
|
+
.map(this.sanitizeUrlPart);
|
|
431
442
|
|
|
432
443
|
const { origin: domain, hash, search } = window.location;
|
|
433
444
|
|
|
@@ -436,9 +447,9 @@ export default class DocXmlContent extends LightningElementWithState<{
|
|
|
436
447
|
deliverable,
|
|
437
448
|
docId,
|
|
438
449
|
domain,
|
|
439
|
-
hash,
|
|
450
|
+
hash: this.sanitizeUrlPart(hash),
|
|
440
451
|
page,
|
|
441
|
-
search
|
|
452
|
+
search: this.sanitizeUrlPart(search)
|
|
442
453
|
};
|
|
443
454
|
}
|
|
444
455
|
|
|
@@ -701,7 +712,7 @@ export default class DocXmlContent extends LightningElementWithState<{
|
|
|
701
712
|
|
|
702
713
|
addMetatags(): void {
|
|
703
714
|
const div = document.createElement("div");
|
|
704
|
-
div.innerHTML = this.docContent;
|
|
715
|
+
div.innerHTML = DOMPurify.sanitize(this.docContent);
|
|
705
716
|
const docDescription = div.querySelector(".shortdesc")?.textContent;
|
|
706
717
|
const topicTitle = div.querySelector("h1")?.textContent;
|
|
707
718
|
|