Open jmformenti opened 1 week ago
All the places with this comment:
<!-- eslint-disable-next-line vue/no-v-html -->
should be sanitized to avoid html injection. In a quick look I see this library: https://www.npmjs.com/package/sanitize-html Maybe there is a better option but the idea is apply some sanitization, at least, remove script tags.
All the places with this comment:
should be sanitized to avoid html injection. In a quick look I see this library: https://www.npmjs.com/package/sanitize-html Maybe there is a better option but the idea is apply some sanitization, at least, remove script tags.