mirror of
https://github.com/fastmail/Squire.git
synced 2024-12-22 07:13:08 -05:00
Use sanitizeToDOMFragment fn for undo/redo
The content should be safe anyway as it will already have been sanitised, however mXSS attacks are still a slight risk so safer to always run it through the sanitiser.
This commit is contained in:
parent
df2201038b
commit
108ff8f475
3 changed files with 20 additions and 5 deletions
|
@ -1265,7 +1265,9 @@ var keys = {
|
|||
37: 'left',
|
||||
39: 'right',
|
||||
46: 'delete',
|
||||
191: '/',
|
||||
219: '[',
|
||||
220: '\\',
|
||||
221: ']'
|
||||
};
|
||||
|
||||
|
@ -3888,10 +3890,9 @@ var increaseBlockQuoteLevel = function ( frag ) {
|
|||
};
|
||||
|
||||
var decreaseBlockQuoteLevel = function ( frag ) {
|
||||
var root = this._root;
|
||||
var blockquotes = frag.querySelectorAll( 'blockquote' );
|
||||
Array.prototype.filter.call( blockquotes, function ( el ) {
|
||||
return !getNearest( el.parentNode, root, 'BLOCKQUOTE' );
|
||||
return !getNearest( el.parentNode, frag, 'BLOCKQUOTE' );
|
||||
}).forEach( function ( el ) {
|
||||
replaceWith( el, empty( el ) );
|
||||
});
|
||||
|
@ -4172,7 +4173,14 @@ proto._getHTML = function () {
|
|||
proto._setHTML = function ( html ) {
|
||||
var root = this._root;
|
||||
var node = root;
|
||||
var sanitizeToDOMFragment = this._config.sanitizeToDOMFragment;
|
||||
if ( typeof sanitizeToDOMFragment === 'function' ) {
|
||||
var frag = sanitizeToDOMFragment( html, false, this );
|
||||
empty( node );
|
||||
node.appendChild( frag );
|
||||
} else {
|
||||
node.innerHTML = html;
|
||||
}
|
||||
do {
|
||||
fixCursor( node, root );
|
||||
} while ( node = getNextBlock( node, root ) );
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -1600,7 +1600,14 @@ proto._getHTML = function () {
|
|||
proto._setHTML = function ( html ) {
|
||||
var root = this._root;
|
||||
var node = root;
|
||||
var sanitizeToDOMFragment = this._config.sanitizeToDOMFragment;
|
||||
if ( typeof sanitizeToDOMFragment === 'function' ) {
|
||||
var frag = sanitizeToDOMFragment( html, false, this );
|
||||
empty( node );
|
||||
node.appendChild( frag );
|
||||
} else {
|
||||
node.innerHTML = html;
|
||||
}
|
||||
do {
|
||||
fixCursor( node, root );
|
||||
} while ( node = getNextBlock( node, root ) );
|
||||
|
|
Loading…
Reference in a new issue