diff --git a/app/[slug]/page.tsx b/app/[slug]/page.tsx
index c69e527..be1cb3c 100644
--- a/app/[slug]/page.tsx
+++ b/app/[slug]/page.tsx
@@ -2,6 +2,7 @@
 import { useEffect, useState } from 'react';
 import { useParams } from 'next/navigation';
+import DOMPurify from 'dompurify';
 import { wishlistsApi, itemsApi, claimingApi, type Wishlist, type Item } from '@/lib/api';
 import Header from '@/components/header';
 import Footer from '@/components/footer';
@@ -165,7 +166,7 @@ export default function PublicWishlistPage() {
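Review bot: The `import DOMPurify from 'dompurify'` added here lands in a component that uses `useEffect`/`useState`, and Next.js still prerenders such client components on the server, where no `window` exists; as far as I know the default export then has `isSupported === false` and no usable `sanitize`. The call site is not in this hunk, so confirm the sanitizer only runs on data that arrives in the browser, or guard it, e.g. `const safe = DOMPurify.isSupported ? DOMPurify.sanitize(html) : '';` (`html` standing for the string being rendered), so the fallback is empty output rather than unsanitized markup. If the same stored HTML is rendered anywhere else, render-time sanitizing on this one page does not cover it.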
{ // Make all links open in new tab const target = e.target as HTMLElement; diff --git a/package-lock.json b/package-lock.json index c792bfe..2a1ced4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -17,6 +17,7 @@ "axios": "^1.13.2", "better-sqlite3": "^12.4.1", "cheerio": "^1.1.2", + "dompurify": "^3.3.1", "drizzle-orm": "^0.45.1", "jsonwebtoken": "^9.0.2", "lexical": "^0.39.0", @@ -28,6 +29,7 @@ "devDependencies": { "@tailwindcss/postcss": "^4", "@types/better-sqlite3": "^7.6.13", + "@types/dompurify": "^3.0.5", "@types/jsonwebtoken": "^9.0.10", "@types/node": "^20", "@types/react": "^19", @@ -2358,6 +2360,16 @@ "@types/node": "*" } }, + "node_modules/@types/dompurify": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/@types/dompurify/-/dompurify-3.0.5.tgz", + "integrity": "sha512-1Wg0g3BtQF7sSb27fJQAKck1HECM6zV1EB66j8JH9i3LCjYabJa0FSdiSgsD5K/RbrsR0SiraKacLB+T8ZVYAg==", + "dev": true, + "license": "MIT", + "dependencies": { + "@types/trusted-types": "*" + } + }, "node_modules/@types/estree": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz", @@ -2427,6 +2439,13 @@ "@types/react": "^19.2.0" } }, + "node_modules/@types/trusted-types": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz", + "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==", + "devOptional": true, + "license": "MIT" + }, "node_modules/@typescript-eslint/eslint-plugin": { "version": "8.52.0", "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.52.0.tgz", 
@@ -3905,6 +3924,15 @@ "url": "https://github.com/fb55/domhandler?sponsor=1" } }, + "node_modules/dompurify": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.1.tgz", + "integrity": "sha512-qkdCKzLNtrgPFP1Vo+98FRzJnBRGe4ffyCea9IwHB1fyxPOeNTHpLKYGd4Uk9xvNoH0ZoOjwZxNptyMwqrId1Q==", + "license": "(MPL-2.0 OR Apache-2.0)", + "optionalDependencies": { + "@types/trusted-types": "^2.0.7" + } + }, "node_modules/domutils": { "version": "3.2.2", "resolved": "https://registry.npmjs.org/domutils/-/domutils-3.2.2.tgz",
diff --git a/package.json b/package.json
index df3abd4..ac920cf 100644
--- a/package.json
+++ b/package.json
@@ -23,6 +23,7 @@
 "axios": "^1.13.2",
 "better-sqlite3": "^12.4.1",
 "cheerio": "^1.1.2",
+ "dompurify": "^3.3.1",
 "drizzle-orm": "^0.45.1",
 "jsonwebtoken": "^9.0.2",
 "lexical": "^0.39.0",
@@ -34,6 +35,7 @@
 "devDependencies": {
 "@tailwindcss/postcss": "^4",
 "@types/better-sqlite3": "^7.6.13",
+ "@types/dompurify": "^3.0.5",
 "@types/jsonwebtoken": "^9.0.10",
 "@types/node": "^20",
 "@types/react": "^19",
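Review bot: The `@types/dompurify` devDependency added in the second package.json hunk looks redundant: the lockfile entry for `dompurify` 3.3.1 lists `@types/trusted-types` as an optional dependency, which suggests the package ships its own type definitions, and to my knowledge the DefinitelyTyped package is deprecated for DOMPurify 3.2 and later. Keeping 3.0.5 typings next to a 3.3.1 runtime risks the declared sanitizer config options drifting from what the installed library actually accepts. I would drop the `"@types/dompurify": "^3.0.5",` line and regenerate the lockfile.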