inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-04-29 20:16:44 +00:00
Code

Sanitize data before displaying in markdown editor (#3205)

Browse Source 
* Sanitize data before displaying in markdown editor

* Use the sanitize option provided by easymde

* Spelling fix
This commit is contained in:
Oliver 2022-06-16 10:57:28 +10:00 committed by GitHub
parent e83995b4f5
commit 9bd62f986f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
InvenTree/InvenTree/mixins.py
View File

@ -35,7 +35,7 @@ class CleanMixin():
return Response(serializer.data) return Response(serializer.data)
def clean_data(self, data: dict) -> dict: def clean_data(self, data: dict) -> dict:
"""Clean / snatize data. """Clean / sanitize data.
This uses mozillas bleach under the hood to disable certain html tags by This uses mozillas bleach under the hood to disable certain html tags by
encoding them - this leads to script tags etc. to not work. encoding them - this leads to script tags etc. to not work.

5
InvenTree/templates/js/translated/helpers.js
View File

@ -274,6 +274,11 @@ function setupNotesField(element, url, options={}) {
initialValue: initial, initialValue: initial,
toolbar: toolbar_icons, toolbar: toolbar_icons,
shortcuts: [], shortcuts: [],
renderingConfig: {
markedOptions: {
sanitize: true,
}
}
}); });