niuniu/sub2api-cn-relay-manager
5ceaef450044e7b6510c2598e5fed690a9f3396a
sub2api-cn-relay-manager/frontend/src/utils/sanitize.ts

7 lines
194 B
TypeScript

fix: custom menu security hardening and code quality improvements

- Add admin menu permission check in CustomPageView (visibility + role)
- Sanitize SVG content with DOMPurify before v-html rendering (XSS prevention)
- Decouple router.go from dto package using anonymous struct
- Consolidate duplicate parseCustomMenuItems into dto.ParseCustomMenuItems
- Enhance menu item validation (count, length, ID uniqueness limits)
- Add audit logging for purchase_subscription and custom_menu_items changes
- Update API contract test to include custom_menu_items field

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 02:18:19 +08:00
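import DOMPurify from 'dompurify'

// Sanitize SVG markup before it is rendered with v-html.
// Only DOMPurify's SVG and SVG-filter profiles are allowed.
export function sanitizeSvg(svg: string): string {
  // Empty input yields an empty string.
  if (!svg) return ''
  return DOMPurify.sanitize(svg, { USE_PROFILES: { svg: true, svgFilters: true } })
}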