🛡️ Sentinel: [HIGH] Mitigate XSS in CodeBlock rendering via DOMPurify

Sanitize HTML string generated by Shiki before rendering it via `dangerouslySetInnerHTML` in CodeBlockEmbeddable and CodeBlockSidebar.
This commit is contained in:
ruinivist
2026-06-04 08:24:40 +00:00
parent 01300c7061
commit e034fabe62
5 changed files with 17 additions and 4 deletions
+2
View File
@@ -20,6 +20,7 @@
"dependencies": {
"@excalidraw/excalidraw": "^0.18.1",
"@modelcontextprotocol/sdk": "^1.29.0",
"dompurify": "^3.4.8",
"fast-json-patch": "^3.1.1",
"mcp-handler": "^1.1.0",
"react": "^19.2.6",
@@ -29,6 +30,7 @@
},
"devDependencies": {
"@types/bun": "^1.3.14",
"@types/dompurify": "^3.2.0",
"@types/react": "^19.2.15",
"@types/react-dom": "^19.2.3",
"prettier": "^3.8.3",