pastelsky / bundlephobia

🏋️ Find out the cost of adding a new frontend dependency to your project
https://bundlephobia.com
MIT License
9.03k stars 223 forks

Image preview in the package README breaks the bundlephobia layout #281

Open bpierre opened 4 years ago

bpierre commented 4 years ago

See:

PS: thanks for having built this super valuable tool! :hugs:

aviskarkc10 commented 4 years ago

One fix for this is to forbid the img tag when sanitizing the DOM.

https://github.com/pastelsky/bundlephobia/blob/bundlephobia/client/components/QuickStatsBar/QuickStatsBar.js#L35 In the above line we could do this:

    return DOMPurify.sanitize(trimmed, { FORBID_TAGS: ['img']})

What do you think of this solution, @pastelsky?

pastelsky commented 4 years ago

@aviskarkc10 sounds good. Do you want to take a stab?

aviskarkc10 commented 4 years ago

Yeah, sure.