fix: fixed markdown related high risk bugs

fix: https://github.com/koreanbots/v2-testing/issues/29
fix: https://github.com/koreanbots/v2-testing/issues/31
원더 2021-01-17 10:32:29 +09:00
parent 22990663b9
commit 0db9c69ff7
3 changed files with 15 additions and 5 deletions


@ -28,7 +28,7 @@ class MyDocument extends Document {
}} }}
/> />
</Head> </Head>
<body className='h-full text-black dark:text-gray-100 dark:bg-discord-dark bg-white'> <body className='h-full overflow-x-hidden text-black dark:text-gray-100 dark:bg-discord-dark bg-white'>
<Main /> <Main />
<NextScript /> <NextScript />
</body> </body>


@ -33,7 +33,7 @@ const Bots: NextPage<BotsProps> = ({ data, date }) => {
: `https://cdn.discordapp.com/embed/avatars/${Number(data.tag) % 5}.png?size=1024` : `https://cdn.discordapp.com/embed/avatars/${Number(data.tag) % 5}.png?size=1024`
} }
/> />
<div className='lg:flex'> <div className='lg:flex w-full'>
<div className='w-full text-center lg:w-1/4'> <div className='w-full text-center lg:w-1/4'>
<DiscordAvatar <DiscordAvatar
userID={data.id} userID={data.id}
@ -42,7 +42,7 @@ const Bots: NextPage<BotsProps> = ({ data, date }) => {
className='w-full' className='w-full'
/> />
</div> </div>
<div className='flex-grow px-5 py-12 w-full text-center lg:w-5/12 lg:text-left'> <div className='flex-grow px-5 py-12 w-full text-center lg:w-5/12 lg:text-left w-full'>
<div> <div>
<Tag <Tag
circular circular
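Review bot: The second changed `className` in this file now lists `w-full` twice (`flex-grow px-5 py-12 w-full text-center lg:w-5/12 lg:text-left w-full`), and the trailing one is redundant. Appending it after `lg:w-5/12` looks like an attempt to override the large-screen width, but the order of classes inside the attribute does not change which Tailwind rule wins, so `lg:w-5/12` still applies at the `lg` breakpoint. If full width at `lg` is intended, change `lg:w-5/12` itself; otherwise drop the duplicate. The `Bots` component starts and ends outside these hunks.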


@ -79,8 +79,18 @@ https://github.com/koreanbots
</div> </div>
<div className='w-full lg:w-1/2 p-10 markdown-body'> <div className='w-full lg:w-1/2 p-10 markdown-body'>
<MarkdownView markdown={ formik.values.markdown } extensions={[ anchorHeader ]} options={{ openLinksInNewWindow: true, underline: true, emoji: true, omitExtraWLInCodeBlocks: true, literalMidWordUnderscores: true, simplifiedAutoLink: true, tables: true, strikethrough: true, smoothLivePreview: true, tasklists: true, ghCompatibleHeaderId: true, encodeEmails: true }} sanitizeHtml={(html)=> sanitizeHtml(html, { <MarkdownView markdown={ formik.values.markdown } extensions={[ anchorHeader ]} options={{ openLinksInNewWindow: true, underline: true, emoji: true, omitExtraWLInCodeBlocks: true, literalMidWordUnderscores: true, simplifiedAutoLink: true, tables: true, strikethrough: true, smoothLivePreview: true, tasklists: true, ghCompatibleHeaderId: true, encodeEmails: true }} sanitizeHtml={(html)=> sanitizeHtml(html, {
allowedTags: false, allowedTags: [
allowedAttributes: false 'addr', 'address', 'article', 'aside', 'h1', 'h2', 'h3', 'h4',
'h5', 'h6', 'section', 'blockquote', 'dd', 'div',
'dl', 'dt', 'hr', 'li', 'ol', 'p', 'pre',
'ul', 'a', 'abbr', 'b', 'bdi', 'bdo', 'br', 'cite', 'code', 'data', 'dfn',
'em', 'i', 'kbd', 'mark', 'q', 'rb', 'rp', 'rt', 'rtc', 'ruby', 's', 'samp',
'small', 'span', 'strong', 'sub', 'sup', 'time', 'u', 'var', 'wbr', 'caption',
'col', 'colgroup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'del',
'img', 'svg', 'input'
],
allowedAttributes: false,
disallowedTagsMode: 'escape'
})} /> })} />
</div> </div>
</div> </div>
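Review bot: `allowedAttributes: false` is kept next to the new tag allowlist, and in sanitize-html that value permits every attribute, so inline event-handler and `style` attributes on the allowed tags still reach the rendered preview; the tag allowlist alone does not close the HTML-injection path this commit appears to target. Replace it with an explicit map limited to what the renderer emits, for example `allowedAttributes: { a: ['href', 'title', 'target', 'rel'], img: ['src', 'alt', 'title', 'width', 'height'], input: ['type', 'checked', 'disabled'], '*': ['id', 'align'] }`, confirming the exact set against the Showdown options in use (header ids, task-list checkboxes). In the tag list, `'addr'` is not an HTML element and looks like a typo, and `'svg'` is worth dropping unless descriptions need it, since none of its child elements are allowed. The same sanitizer options presumably need to apply wherever the stored description is rendered, not only in this form preview; that code is outside the hunk.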