dan/Portfolio
1
0
Fork 0
mirror of https://github.com/danbulant/Portfolio synced 2026-05-26 21:41:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: disable dompurify for non string & number types

Browse source
This commit is contained in:
EETagent 2023-01-17 16:42:14 +01:00
parent 13bfa5767b
commit 2d6cda1aef
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
frontend/src/lib/@api/candidate.ts
View file

@ -85,8 +85,9 @@ export const apiLogin = async (data: CandidateLogin): Promise<number> => {
export const apiFillDetails = async (data: CandidateData): Promise<CandidateData> => { export const apiFillDetails = async (data: CandidateData): Promise<CandidateData> => {
// Sanitize candidate data // Sanitize candidate data
Object.keys(data.candidate).forEach((key) => { Object.keys(data.candidate).forEach((key) => {
// TODO: Enable DOMPurify onyl on string & number types // eslint-disable-next-line @typescript-eslint/ban-ts-comment
if (key === "grades") return; // @ts-ignore
if (typeof data.candidate[key] !== 'string' && typeof data.candidate[key] !== 'number') return;
// eslint-disable-next-line @typescript-eslint/ban-ts-comment // eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore // @ts-ignore
data.candidate[key] = DOMPurify.sanitize(data.candidate[key]); data.candidate[key] = DOMPurify.sanitize(data.candidate[key]);