creations/profilePage
1
2
Fork 3
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Add more to buns purify
All checks were successful
Code quality checks / biome (push) Successful in 9s
Details

Browse source
This commit is contained in:
creations 2025-04-26 11:48:54 -04:00
parent c867c57a26
commit bafdfb47f9
Signed by: creations
GPG key ID: 8F553AA4320FC711
1 changed files with 28 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
src/routes/api/readme.ts
View file

@ -1,6 +1,5 @@
import { redisTtl } from "@config/environment"; import { redisTtl } from "@config/environment";
import { fetch } from "bun"; import { fetch, redis } from "bun";
import { redis } from "bun";
import { marked } from "marked"; import { marked } from "marked";
const routeDef: RouteDef = { const routeDef: RouteDef = {
@ -22,9 +21,34 @@ async function addLazyLoading(html: string): Promise<string> {
async function sanitizeHtml(html: string): Promise<string> { async function sanitizeHtml(html: string): Promise<string> {
return new HTMLRewriter() return new HTMLRewriter()
.on("script, iframe, object, embed, link[rel=import]", { .on(
"script, iframe, object, embed, link[rel=import], svg, math, base, meta[http-equiv='refresh']",
{
element(el) {
el.remove();
},
},
)
.on("*", {
element(el) { element(el) {
el.remove(); for (const [name, value] of el.attributes) {
const lowerName = name.toLowerCase();
const lowerValue = value.toLowerCase();
if (lowerName.startsWith("on")) {
el.removeAttribute(name);
}
if (
(lowerName === "href" ||
lowerName === "src" ||
lowerName === "action") &&
(lowerValue.startsWith("javascript:") ||
lowerValue.startsWith("data:"))
) {
el.removeAttribute(name);
}
}
}, },
}) })
.on("img", { .on("img", {