Molly: sanitise user input & Auto resize textarea

Fermain / -mollify

9 stars 9 forks source link

Molly: sanitise user input & Auto resize textarea #179

Closed MegumiKim closed 9 months ago

MegumiKim commented 9 months ago

Following changes are made in this PR:

Add DOMPurify to user input to prevent XXS and reinforce security
Add autoresize feature to chat box textarea
Add Molly icon to Molly's response

MegumiKim commented 9 months ago

Thanks @Melisa-Zorraindo! As suggested @types added!

MegumiKim commented 9 months ago

Last commit fixed a bug which enabled empty query to be sent.

MegumiKim commented 9 months ago

Spoke with Melisa about stress test of user input sanitisation.

I have tested with some basic XXS and DOMPurify has successfully removed malicious code before being sent to the server. Nevertheless I have created a separate issue for future sprint to run some thorough vulnerability test on Molly chat.