temporarily disable sanitization

2025-12-06 16:38:19 +01:00 · 2024-04-07 04:05:06 -10:00 · 2024-04-07 04:05:06 -10:00 · e72a4e76d6
parent 36671b68b0
commit e72a4e76d6
2 changed files with 7 additions and 6 deletions
--- a/server/api/api/v1/accounts/update_credentials/index.ts
+++ b/server/api/api/v1/accounts/update_credentials/index.ts
@ -3,7 +3,6 @@ import { convertTextToHtml } from "@formatting";
 import { errorResponse, jsonResponse } from "@response";
 import { sanitizeHtml } from "@sanitization";
 import ISO6391 from "iso-639-1";
-import { sanitize } from "isomorphic-dompurify";
 import { MediaBackendType } from "media-manager";
 import type { MediaBackend } from "media-manager";
 import { client } from "~database/datasource";
@ -60,11 +59,11 @@ export default apiRoute<{

    const sanitizedNote = await sanitizeHtml(note ?? "");

-    const sanitizedDisplayName = sanitize(display_name ?? "", {
+    const sanitizedDisplayName = display_name ?? ""; /*  sanitize(display_name ?? "", {
        ALLOWED_TAGS: [],
        ALLOWED_ATTR: [],
    });
-
+ */
    /* if (!user.source) {
 		user.source = {
 			privacy: "public",
--- a/utils/sanitization.ts
+++ b/utils/sanitization.ts
@ -1,8 +1,10 @@
 import { config } from "config-manager";
-import { sanitize } from "isomorphic-dompurify";
+// import { sanitize } from "isomorphic-dompurify";

 export const sanitizeHtml = async (html: string) => {
-    const sanitizedHtml = sanitize(html, {
+    // TEMP: Allow all tags and attributes
+    return html;
+    /*     const sanitizedHtml = sanitize(html, {
        ALLOWED_TAGS: [
            "a",
            "p",
@ -70,5 +72,5 @@ export const sanitizeHtml = async (html: string) => {
            },
        })
        .transform(new Response(sanitizedHtml))
-        .text();
+        .text(); */
 };