DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
This issue proposes a bug with the use of DOMPurify.sanitize() in versions 3.0.2 and 3.0.3
The issue stems from the use of DOMPurify.sanitize() in versions 3.0.2 and 3.0.3. An Uncaught ReferenceError appears in Chrome DevTools (Chrome v113.0.5672.137) and blocks the use of sanitize(). The issue seems to be related to the clone(object) function, with the error arising due to the use of entries(object). This issue does not present itself in version 2.4.5.
Valid form HTML is passed to sanitize()
No string is returned from sanitize()
Chrome DevTools Uncaught ReferenceError
Invalid function clone(object) from 3.0.2 and 3.0.3
Valid function clone(object) from 2.4.5