kyy/swagger-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ensure OAS3 Markdown fields are sanitized

Browse Source
This commit is contained in:
Kyle Shockey
2017-07-04 19:12:43 -07:00
parent 60701962b8
commit 8ed43a1329
2 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/core/components/providers/markdown.jsx
View File

@@ -2,15 +2,8 @@ import React, { PropTypes } from "react"
import Remarkable from "react-remarkable"
import sanitize from "sanitize-html"
const sanitizeOptions = {
textFilter: function(text) {
return text
.replace(/"/g, "\"")
}
}
function Markdown({ source }) {
const sanitized = sanitize(source, sanitizeOptions)
const sanitized = sanitizer(source)
return <Remarkable
options={{html: true, typographer: true, linkify: true, linkTarget: "_blank"}}
source={sanitized}
@@ -22,3 +15,14 @@ Markdown.propTypes = {
}
export default Markdown
const sanitizeOptions = {
textFilter: function(text) {
return text
.replace(/&quot;/g, "\"")
}
}
export function sanitizer(str) {
return sanitize(str, sanitizeOptions)
}

3
src/core/plugins/oas3/wrap-components/markdown.js
View File

@@ -1,10 +1,11 @@
import React from "react"
import ReactMarkdown from "react-markdown"
import { OAS3ComponentWrapFactory } from "../helpers"
import { sanitizer } from "core/components/providers/markdown"
export default OAS3ComponentWrapFactory(({ source }) => { return source ? (
<ReactMarkdown
source={source}
source={sanitizer(source)}
className={"renderedMarkdown"}
/>
) : null})