From c36b459e5870f90c4810c90c3bb317d87f648508 Mon Sep 17 00:00:00 2001
From: EETagent <vojta.jungmann@gmail.com>
Date: Sun, 4 Dec 2022 15:09:45 +0100
Subject: [PATCH] feat: sanitize details before upload

---
 frontend/src/lib/@api/candidate.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/frontend/src/lib/@api/candidate.ts b/frontend/src/lib/@api/candidate.ts
index d0b2287..2f80d48 100644
--- a/frontend/src/lib/@api/candidate.ts
+++ b/frontend/src/lib/@api/candidate.ts
@@ -2,6 +2,7 @@ import axios, { type AxiosProgressEvent } from 'axios';
 import type { CandidateData, CandidateLogin } from '$lib/stores/candidate';
 import type { SubmissionProgress } from '$lib/stores/portfolio';
 import { API_URL, errorHandler, type Fetch } from '.';
+import DOMPurify from 'isomorphic-dompurify';
 
 // SSR Compatible
 export const apiLogout = async (fetchSsr?: Fetch) => {
@@ -76,7 +77,10 @@ export const apiLogin = async (data: CandidateLogin): Promise<number> => {
 };
 
 export const apiFillDetails = async (data: CandidateData): Promise<CandidateData> => {
-	console.log(data);
+	Object.keys(data).forEach(key => {
+		// @ts-ignore
+		data[key] = DOMPurify.sanitize(data[key]);
+	  });
 	try {
 		const res = await axios.post(API_URL + '/candidate/details', data, { withCredentials: true });
 		return res.data;