cure53 / DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
https://cure53.de/purify

fix: Avoid TypeError for null values on CUSTOM_ELEMENT_HANDLING config. #898

Closed cpmotion closed 8 months ago

cpmotion commented 8 months ago

ISSUE-897

Summary

See issue. Change made in utils and test added.

Tasks

Not sure if there's a better way to inverse assert in the test. Please advise if so. Tested locally to pass and fail. It "works" but kind of a workaround for QUnit it seems...

cpmotion commented 8 months ago

Just realized saving in test-suite applied prettier fixes. I guess prettier is not running in pipeline to validate against config. Hmm, I'm going to undo those lines for this specific commit and update pr... Updated.

cure53 commented 8 months ago

This is great, thank you!

cpmotion commented 8 months ago

@cure53 any chance we could push a patch (3.0.8) out ASAP? We have a specific scenario where we're picking up latest v3 and that would really help a currently deployed product version. Thank you!

cure53 commented 8 months ago

Yep, we needed to wait for feedback on the other issue, it just came in and we are ready to release.

cure53 commented 8 months ago

This release should fix it: https://github.com/cure53/DOMPurify/releases/tag/3.0.8

cpmotion commented 8 months ago

Awesome, thanks!