Northern_Lights/cherry-studio
1
0
Fork 0
mirror of https://github.com/CherryHQ/cherry-studio.git synced 2025-12-27 12:51:26 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

refactor(Markdown): update disallowed elements to include 'script' for enhanced security

Browse Source
This commit is contained in:
kangfenmao 2025-08-19 18:11:20 +08:00
parent c5554995dd
commit 0368583cfc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/renderer/src/pages/home/Markdown/Markdown.tsx
View File

@ -36,7 +36,7 @@ import Table from './Table'
const ALLOWED_ELEMENTS =
/<(style|p|div|span|b|i|strong|em|ul|ol|li|table|tr|td|th|thead|tbody|h[1-6]|blockquote|pre|code|br|hr|svg|path|circle|rect|line|polyline|polygon|text|g|defs|title|desc|tspan|sub|sup)/i
const DISALLOWED_ELEMENTS = ['iframe']
const DISALLOWED_ELEMENTS = ['iframe', 'script']
interface Props {
// message: Message & { content: string }