Fix code scanning alert no. 3: DOM text reinterpreted as HTML
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
km719 and github-advanced-security[bot] authored Dec 17, 2024
1 parent 7c78694 commit 9845e7a
Showing 2 changed files with 5 additions and 3 deletions.
3 changes: 2 additions & 1 deletion assets/js/slick.js
Expand Up @@ -27,6 +27,7 @@

}(function ($) {
'use strict';
var DOMPurify = require('dompurify');
var Slick = window.Slick || {};

Slick = (function () {
Expand Down Expand Up @@ -1648,7 +1649,7 @@
if ($imgsToLoad.length) {

image = $imgsToLoad.first();
imageSource = image.attr('data-lazy');
imageSource = DOMPurify.sanitize(image.attr('data-lazy'));
imageToLoad = document.createElement('img');

imageToLoad.onload = function () {
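Review bot: `DOMPurify.sanitize()` in the second hunk is an HTML sanitizer, not a URL check: it removes dangerous markup from a string but does not restrict the scheme or host of a bare URL, so the `data-lazy` value is not meaningfully constrained by this change. The code that consumes `imageSource` lies outside the hunk; if it ends up in an image `src`, as the `document.createElement('img')` line suggests, validate it as a URL instead, for example `var lazyUrl = new URL(image.attr('data-lazy'), document.baseURI);` and use `lazyUrl.href` only when `lazyUrl.protocol` is `http:` or `https:`. The `require('dompurify')` added in the first hunk also needs checking: inside this factory it only resolves under a CommonJS loader or bundler, and if `assets/js/slick.js` is served to browsers as-is the call would throw and the plugin would not initialise. The wrapper above the hunk is not visible here, so confirm how the dependency added in `package.json` is meant to reach the page.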
5 changes: 3 additions & 2 deletions package.json
Expand Up @@ -13,7 +13,8 @@
"dot-prop": "^5.3.0",
"jquery": "^3.7.1",
"netlify-cms": "^2.10.55",
"uswds": "^2.14.0"
"uswds": "^2.14.0",
"dompurify": "^3.2.3"
},
"devDependencies": {
"rimraf": "^3.0.2"
Expand All @@ -23,7 +24,7 @@
"minimist": "1.2.8",
"remark-parse": ">=10.0.1",
"mdast-util-to-hast": ">=5.0.0",
"trim":">=0.0.3",
"trim": ">=0.0.3",
"tough-cookie": ">=4.1.4",
"got": ">=11.8.5",
"trim-newlines": ">=5.0.0",
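Review bot: No lockfile change accompanies the new `"dompurify": "^3.2.3"` entry — the commit touches only two files — so if the repository tracks a `package-lock.json` or `yarn.lock`, it should be regenerated and committed with this change; otherwise the version that gets installed is whatever the caret range resolves to at build time. The entry is also appended after `uswds` rather than placed in alphabetical order like the other dependencies visible in the hunk.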
