dan/Portfolio
1
0
Fork 0
mirror of https://github.com/danbulant/Portfolio synced 2026-06-05 15:50:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: dompurify

Browse source
This commit is contained in:
EETagent 2023-01-17 17:49:09 +01:00
parent 236e8f6386
commit 53a11c63c4
1 changed files with 3 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
frontend/src/lib/@api/candidate.ts
View file

@ -1,9 +1,5 @@
import axios, { type AxiosProgressEvent } from 'axios'; import axios, { type AxiosProgressEvent } from 'axios';
import type { import type { BaseCandidate, CandidateData, CandidateLogin } from '$lib/stores/candidate';
BaseCandidate,
CandidateData,
CandidateLogin,
} from '$lib/stores/candidate';
import type { SubmissionProgress } from '$lib/stores/portfolio'; import type { SubmissionProgress } from '$lib/stores/portfolio';
import { API_URL, errorHandler, type Fetch } from '.'; import { API_URL, errorHandler, type Fetch } from '.';
import DOMPurify from 'isomorphic-dompurify'; import DOMPurify from 'isomorphic-dompurify';
@ -86,18 +82,14 @@ export const apiFillDetails = async (data: CandidateData): Promise<CandidateData
Object.keys(data.candidate).forEach((key) => { Object.keys(data.candidate).forEach((key) => {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment // eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore // @ts-ignore
if (typeof data.candidate[key] !== 'string' && typeof data.candidate[key] !== 'number') return; if (typeof data.candidate[key] !== 'string') return;
// eslint-disable-next-line @typescript-eslint/ban-ts-comment // eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore // @ts-ignore
data.candidate[key] = DOMPurify.sanitize(data.candidate[key]); data.candidate[key] = DOMPurify.sanitize(data.candidate[key]);
}); });
// Sanitize grades data // Sanitize grades data
for (let index = 0; index < data.candidate.grades.length; index++) { for (let index = 0; index < data.candidate.grades.length; index++) {
Object.keys(data.candidate.grades[index]).forEach((key) => { data.candidate.grades[index].subject = DOMPurify.sanitize(data.candidate.grades[index].subject);
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
data.candidate.grades[index][key] = DOMPurify.sanitize(data.candidate.grades[index][key]);
});
} }
// Sanitize parents data // Sanitize parents data
for (let index = 0; index < data.parents.length; index++) { for (let index = 0; index < data.parents.length; index++) {