From 53a11c63c440287d49a033b8b6c78b691191cd2d Mon Sep 17 00:00:00 2001
From: EETagent <vojta.jungmann@gmail.com>
Date: Tue, 17 Jan 2023 17:49:09 +0100
Subject: [PATCH] fix: dompurify

---
 frontend/src/lib/@api/candidate.ts | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/frontend/src/lib/@api/candidate.ts b/frontend/src/lib/@api/candidate.ts
index 8f57938..4f78b88 100644
--- a/frontend/src/lib/@api/candidate.ts
+++ b/frontend/src/lib/@api/candidate.ts
@@ -1,9 +1,5 @@
 import axios, { type AxiosProgressEvent } from 'axios';
-import type {
-	BaseCandidate,
-	CandidateData,
-	CandidateLogin,
-} from '$lib/stores/candidate';
+import type { BaseCandidate, CandidateData, CandidateLogin } from '$lib/stores/candidate';
 import type { SubmissionProgress } from '$lib/stores/portfolio';
 import { API_URL, errorHandler, type Fetch } from '.';
 import DOMPurify from 'isomorphic-dompurify';
@@ -86,18 +82,14 @@ export const apiFillDetails = async (data: CandidateData): Promise<CandidateData
 	Object.keys(data.candidate).forEach((key) => {
 		// eslint-disable-next-line @typescript-eslint/ban-ts-comment
 		// @ts-ignore
-		if (typeof data.candidate[key] !== 'string' && typeof data.candidate[key] !== 'number') return;
+		if (typeof data.candidate[key] !== 'string') return;
 		// eslint-disable-next-line @typescript-eslint/ban-ts-comment
 		// @ts-ignore
 		data.candidate[key] = DOMPurify.sanitize(data.candidate[key]);
 	});
 	// Sanitize grades data
 	for (let index = 0; index < data.candidate.grades.length; index++) {
-		Object.keys(data.candidate.grades[index]).forEach((key) => {
-			// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-			// @ts-ignore
-			data.candidate.grades[index][key] = DOMPurify.sanitize(data.candidate.grades[index][key]);
-		});
+		data.candidate.grades[index].subject = DOMPurify.sanitize(data.candidate.grades[index].subject);
 	}
 	// Sanitize parents data
 	for (let index = 0; index < data.parents.length; index++) {