fix(api): 🚑 Replace isomorphic-dompurify with plain jsdom and dompurify

2025-12-06 08:28:19 +01:00 · 2024-05-02 14:21:09 -10:00 · 2024-05-02 14:21:09 -10:00 · 74873fe924
parent a339b7fa94
commit 74873fe924
3 changed files with 6 additions and 3 deletions
--- a/bun.lockb
+++ b/bun.lockb
--- a/package.json
+++ b/package.json
@ -55,6 +55,7 @@
        "@types/cli-table": "^0.3.4",
        "@types/html-to-text": "^9.0.4",
        "@types/ioredis": "^5.0.0",
        "@types/jsdom": "^21.1.6",
        "@types/jsonld": "^1.5.13",
        "@types/markdown-it-container": "^2.0.10",
        "@types/mime-types": "^2.1.4",
@ -77,14 +78,15 @@
        "cli-parser": "workspace:*",
        "cli-table": "^0.3.11",
        "config-manager": "workspace:*",
        "dompurify": "^3.1.2",
        "drizzle-orm": "^0.30.7",
        "extract-zip": "^2.0.1",
        "html-to-text": "^9.0.5",
        "ioredis": "^5.3.2",
        "ip-matching": "^2.1.2",
        "iso-639-1": "^3.1.0",
        "isomorphic-dompurify": "^2.9.0",
        "jose": "^5.2.4",
        "jsdom": "^24.0.0",
        "linkify-html": "^4.1.3",
        "linkify-string": "^4.1.3",
        "linkifyjs": "^4.1.3",
--- a/utils/sanitization.ts
+++ b/utils/sanitization.ts
@ -1,11 +1,12 @@
 import { config } from "config-manager";
-import DOMPurify from "isomorphic-dompurify";
+import DOMPurify from "dompurify";
 import { JSDOM } from "jsdom";
 export const sanitizeHtml = async (
    html: string,
    extraConfig?: DOMPurify.Config,
 ) => {
-    const sanitizedHtml = DOMPurify.sanitize(html, {
+    const sanitizedHtml = DOMPurify(new JSDOM().window).sanitize(html, {
        ALLOWED_TAGS: [
            "a",
            "p",