DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
The Angular compiler looks for the main field using a few fields in the package.json. The order it uses is:
es2020
es2015
browser
module
main
The first entry the Angular compiler would find before this change was the 'browser' entry point. This is however compiled as an umd and Angular is looking for an esm so it would complain (it would still work though). Adding es2020 as an entry point fixes this problem.
Fixes #869
Background & Context
Tasks
Create an Angular application
Add this package as a dependency npm install --save ./path/to/project
Import DOMPurify in the AppComponent and just sanitize some string in the ngOnInit function
Run npm run build to build this application and see that the warning about common js modules is resolved.
Summary
The Angular compiler looks for the main field using a few fields in the package.json. The order it uses is:
The first entry the Angular compiler would find before this change was the 'browser' entry point. This is however compiled as an
umd
and Angular is looking for anesm
so it would complain (it would still work though). Addinges2020
as an entry point fixes this problem.Fixes #869
Background & Context
Tasks
npm install --save ./path/to/project
DOMPurify
in theAppComponent
and just sanitize some string in thengOnInit
functionnpm run build
to build this application and see that the warning about common js modules is resolved.Dependencies