Merge branch 'master' into fix-icon-fonts

2026-01-07 03:22:38 +00:00 · 2024-05-16 16:53:54 -04:00
parent f21d636846 fb299f898e
commit 0d1a3d55cf
3 changed files with 15157 additions and 15154 deletions
--- a/client/homebrew/brewRenderer/brewRenderer.jsx
+++ b/client/homebrew/brewRenderer/brewRenderer.jsx
@@ -14,6 +14,9 @@ const NotificationPopup = require('./notificationPopup/notificationPopup.jsx');
 const Frame = require('react-frame-component').default;
 const dedent = require('dedent-tabs').default;
 const DOMPurify = require('dompurify');
 const purifyConfig = { FORCE_BODY: true, SANITIZE_DOM: false };
 const Themes = require('themes/themes.json');
 const PAGE_HEIGHT = 1056;
@@ -33,8 +36,9 @@ const BrewPage = (props)=>{
 		index    : 0,
 		...props
 	};
 	const cleanText = DOMPurify.sanitize(props.contents, purifyConfig);
 	return <div className={props.className} id={`p${props.index + 1}`} >
-	         <div className='columnWrapper' dangerouslySetInnerHTML={{ __html: props.contents }} />
+	         <div className='columnWrapper' dangerouslySetInnerHTML={{ __html: cleanText }} />
 	       </div>;
 };
@@ -102,13 +106,6 @@ const BrewRenderer = (props)=>{
 		return false;
 	};
 	const sanitizeScriptTags = (content)=>{
 		return content
 			?.replace(/<script/ig, '&lt;script')
 			.replace(/<\/script>/ig, '&lt;/script&gt;')
 			|| '';
 	};
 	const renderPageInfo = ()=>{
 		return <div className='pageInfo' ref={mainRef}>
 			<div>
@@ -128,19 +125,18 @@ const BrewRenderer = (props)=>{
 	const renderStyle = ()=>{
 		if(!props.style) return;
-		const cleanStyle = sanitizeScriptTags(props.style);
+		const cleanStyle = DOMPurify.sanitize(props.style, purifyConfig);
 		//return <div style={{ display: 'none' }} dangerouslySetInnerHTML={{ __html: `<style>@layer styleTab {\n${sanitizeScriptTags(props.style)}\n} </style>` }} />;
 		return <div style={{ display: 'none' }} dangerouslySetInnerHTML={{ __html: `<style> ${cleanStyle} </style>` }} />;
 	};
 	const renderPage = (pageText, index)=>{
 		let cleanPageText = sanitizeScriptTags(pageText);
 		if(props.renderer == 'legacy') {
-			const html = MarkdownLegacy.render(cleanPageText);
+			const html = MarkdownLegacy.render(pageText);
 			return <BrewPage className='page phb' index={index} key={index} contents={html} />;
 		} else {
-			cleanPageText += `\n\n&nbsp;\n\\column\n&nbsp;`; //Artificial column break at page end to emulate column-fill:auto (until `wide` is used, when column-fill:balance will reappear)
+			pageText += `\n\n&nbsp;\n\\column\n&nbsp;`; //Artificial column break at page end to emulate column-fill:auto (until `wide` is used, when column-fill:balance will reappear)
-			const html = Markdown.render(cleanPageText, index);
+			const html = Markdown.render(pageText, index);
 			return <BrewPage className='page' index={index} key={index} contents={html} />;
 		}
 	};
@@ -211,11 +207,11 @@ const BrewRenderer = (props)=>{
 						<RenderWarnings />
 						<NotificationPopup />
 					</div>
-					<link href={`/themes/${rendererPath}/Blank/style.css`} type="text/css" rel='stylesheet'/>
+					<link href={`/themes/${rendererPath}/Blank/style.css`} type='text/css' rel='stylesheet'/>
 					{baseThemePath &&
-						<link href={`/themes/${rendererPath}/${baseThemePath}/style.css`} type="text/css" rel='stylesheet'/>
+						<link href={`/themes/${rendererPath}/${baseThemePath}/style.css`} type='text/css' rel='stylesheet'/>
 					}
-					<link href={`/themes/${rendererPath}/${themePath}/style.css`} type="text/css" rel='stylesheet'/>
+					<link href={`/themes/${rendererPath}/${themePath}/style.css`} type='text/css' rel='stylesheet'/>
 					{/* Apply CSS from Style tab and render pages from Markdown tab */}
 					{state.isMounted
--- a/package-lock.json
+++ b/package-lock.json
@@ -21,6 +21,7 @@
        "cookie-parser": "^1.4.6",
        "create-react-class": "^15.7.0",
        "dedent-tabs": "^0.10.3",
        "dompurify": "^3.1.1",
        "expr-eval": "^2.0.2",
        "express": "^4.19.2",
        "express-async-handler": "^1.2.0",
@@ -5414,6 +5415,11 @@
        "npm": ">=1.2"
      }
    },
    "node_modules/dompurify": {
      "version": "3.1.1",
      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.1.1.tgz",
      "integrity": "sha512-tVP8C/GJwnABOn/7cx/ymx/hXpmBfWIPihC1aOEvS8GbMqy3pgeYtJk1HXN3CO7tu+8bpY18f6isjR5Cymj0TQ=="
    },
    "node_modules/duplexer2": {
      "version": "0.1.4",
      "resolved": "https://registry.npmjs.org/duplexer2/-/duplexer2-0.1.4.tgz",
--- a/package.json
+++ b/package.json
@@ -93,6 +93,7 @@
    "cookie-parser": "^1.4.6",
    "create-react-class": "^15.7.0",
    "dedent-tabs": "^0.10.3",
    "dompurify": "^3.1.1",
    "expr-eval": "^2.0.2",
    "express": "^4.19.2",
    "express-async-handler": "^1.2.0",