diff --git a/package-lock.json b/package-lock.json
index f22d03279..d29a22c8b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -21,6 +21,7 @@
 "cos-js-sdk-v5": "^1.8.7",
 "crypto-js": "^4.2.0",
 "csstype": "^3.1.3",
+ "dompurify": "^3.2.4",
 "es-toolkit": "^1.27.0",
 "form-data": "4.0.1",
 "front-matter": "^4.0.2",
@@ -8155,9 +8156,9 @@
 }
 },
 "node_modules/dompurify": {
- "version": "3.2.3",
- "resolved": "https://registry.npmmirror.com/dompurify/-/dompurify-3.2.3.tgz",
- "integrity": "sha512-U1U5Hzc2MO0oW3DF+G9qYN0aT7atAou4AgI0XjWz061nyBPbdxkfdhfy5uMgGn6+oLFCfn44ZGbdDqCzVmlOWA==",
+ "version": "3.2.4",
+ "resolved": "https://registry.npmmirror.com/dompurify/-/dompurify-3.2.4.tgz",
+ "integrity": "sha512-ysFSFEDVduQpyhzAob/kkuJjf5zWkZD8/A9ywSp1byueyuCfHamrCBa14/Oc2iiB0e51B+NpxSl5gmzn+Ms/mg==",
 "optionalDependencies": {
 "@types/trusted-types": "^2.0.7"
 }
diff --git a/package.json b/package.json
index 98c53caaa..c0fb251cf 100644
--- a/package.json
+++ b/package.json
@@ -35,6 +35,7 @@
 "cos-js-sdk-v5": "^1.8.7",
 "crypto-js": "^4.2.0",
 "csstype": "^3.1.3",
+ "dompurify": "^3.2.4",
 "es-toolkit": "^1.27.0",
 "form-data": "4.0.1",
 "front-matter": "^4.0.2",
diff --git a/src/stores/index.ts b/src/stores/index.ts
index 1bc27e447..3d2bdef42 100644
--- a/src/stores/index.ts
+++ b/src/stores/index.ts
@@ -7,6 +7,7 @@ import { addPrefix, css2json, customCssWithTemplate, customizeTheme, downloadMD,
 import { initRenderer } from '@/utils/renderer'
 import CodeMirror from 'codemirror'
 import { marked } from 'marked'
+import DOMPurify from 'dompurify'
 export const useStore = defineStore(`store`, () => {
 // 是否开启深色模式
@@ -191,6 +192,7 @@ export const useStore = defineStore(`store`, () => {
 const { markdownContent, readingTime: readingTimeResult } = renderer.parseFrontMatterAndContent(editor.value!.getValue())
 readingTime.value = readingTimeResult
 let outputTemp = marked.parse(markdownContent) as string
+ outputTemp = DOMPurify.sanitize(outputTemp)
 // 阅读时间及字数统计
 outputTemp = renderer.buildReadingTime(readingTimeResult) + outputTemp
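Review bot: The sanitize call covers only marked's output, so the string from `renderer.buildReadingTime(readingTimeResult)` on the following context line, and anything else the function concatenates past the end of this hunk, reaches the rendered output without passing through DOMPurify. If those fragments are built purely from renderer-controlled values that is acceptable, but it is not visible here; either move `outputTemp = DOMPurify.sanitize(outputTemp)` to the last step before the output is assigned, or record the boundary with a comment such as `// Sanitizes marked's HTML only; fragments appended below must never contain raw user input`. The call also relies on DOMPurify's default allow-list, so it is worth confirming that markup the renderer emits on purpose (for example diagram or formula output, if any) survives it. The enclosing function starts and ends outside the hunk.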