Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2026-05-06 18:06:41 +02:00
Code Issues Packages Projects Releases Activity

fix(client): resolve issue with sanitized HTML in client

Browse Source
This commit is contained in:
perfectra1n
2026-04-12 15:22:28 -07:00
parent e9795dab9d
commit 554ada65b2
3 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/client/src/widgets/dialogs/revisions.tsx
View File

@@ -14,6 +14,7 @@ import { t } from "../../services/i18n";
import { renderMathInElement } from "../../services/math";
import open from "../../services/open";
import options from "../../services/options";
import { sanitizeNoteContentHtml } from "../../services/sanitize_content.js";
import protected_session_holder from "../../services/protected_session_holder";
import server from "../../services/server";
import toast from "../../services/toast";
@@ -291,7 +292,7 @@ function RevisionContentText({ content }: { content: string | Buffer<ArrayBuffer
renderMathInElement(contentRef.current, { trust: true });
}
}, [content]);
return <RawHtmlBlock containerRef={contentRef} className="ck-content" html={content as string} />;
return <RawHtmlBlock containerRef={contentRef} className="ck-content" html={sanitizeNoteContentHtml(content as string)} />;
}
function RevisionContentDiff({ noteContent, itemContent, itemType }: {

4
apps/client/src/widgets/react/RawHtml.tsx
View File

@@ -1,8 +1,6 @@
import DOMPurify from "dompurify";
import type { CSSProperties, HTMLProps, RefObject } from "preact/compat";
import { sanitizeNoteContentHtml } from "../../services/sanitize_content.js";
type HTMLElementLike = string | HTMLElement | JQuery<HTMLElement>;
interface RawHtmlProps extends Pick<HTMLProps<HTMLElement>, "tabindex" | "dir"> {
@@ -39,7 +37,7 @@ export function getHtml(html: string | HTMLElement | JQuery<HTMLElement>) {
}
return {
__html: sanitizeNoteContentHtml(html as string)
__html: html as string
};
}

3
apps/client/src/widgets/type_widgets/text/ReadOnlyText.tsx
View File

@@ -13,6 +13,7 @@ import { applyInlineMermaid, rewriteMermaidDiagramsInContainer } from "../../../
import { getLocaleById } from "../../../services/i18n";
import { renderMathInElement } from "../../../services/math";
import { formatCodeBlocks } from "../../../services/syntax_highlight";
import { sanitizeNoteContentHtml } from "../../../services/sanitize_content.js";
import { useNoteBlob, useNoteLabel, useTriliumEvent, useTriliumOptionBool } from "../../react/hooks";
import { RawHtmlBlock } from "../../react/RawHtml";
import TouchBar, { TouchBarButton, TouchBarSpacer } from "../../react/TouchBar";
@@ -61,7 +62,7 @@ export default function ReadOnlyText({ note, noteContext, ntxId }: TypeWidgetPro
className={clsx("note-detail-readonly-text-content ck-content use-tn-links selectable-text", codeBlockWordWrap && "word-wrap")}
tabindex={100}
dir={isRtl ? "rtl" : "ltr"}
html={blob?.content}
html={blob?.content ? sanitizeNoteContentHtml(blob.content as string) : undefined}
/>
<TouchBar>