chore: remove html renderer sanitizes

usememos · Nov 5, 2024 · 67c1a46 · 67c1a46
1 parent 57c0073
commit 67c1a46
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 31 deletions.
diff --git a/web/package.json b/web/package.json
@@ -24,7 +24,6 @@
     "clsx": "^2.1.1",
     "copy-to-clipboard": "^3.3.3",
     "dayjs": "^1.11.13",
-    "dompurify": "^3.1.7",
     "fuse.js": "^7.0.0",
     "highlight.js": "^11.10.0",
     "i18next": "^23.16.3",
@@ -55,7 +54,6 @@
     "@bufbuild/protobuf": "^2.2.2",
     "@trivago/prettier-plugin-sort-imports": "^4.3.0",
     "@types/d3": "^7.4.3",
-    "@types/dompurify": "^3.0.5",
     "@types/katex": "^0.16.7",
     "@types/leaflet": "^1.9.14",
     "@types/lodash-es": "^4.17.12",

diff --git a/web/pnpm-lock.yaml b/web/pnpm-lock.yaml
diff --git a/web/src/components/MemoContent/CodeBlock.tsx b/web/src/components/MemoContent/CodeBlock.tsx
@@ -1,6 +1,5 @@
 import clsx from "clsx";
 import copy from "copy-to-clipboard";
-import DOMPurify from "dompurify";
 import hljs from "highlight.js";
 import { CopyIcon } from "lucide-react";
 import { useCallback, useMemo } from "react";
@@ -24,15 +23,11 @@ const CodeBlock: React.FC<Props> = ({ language, content }: Props) => {
 
   // Users can set Markdown code blocks as `__html` to render HTML directly.
   if (formatedLanguage === SpecialLanguage.HTML) {
-    const purify = DOMPurify(window);
     return (
       <div
         className="w-full overflow-auto !my-2"
         dangerouslySetInnerHTML={{
-          __html: purify.sanitize(content, {
-            ALLOWED_TAGS: ["iframe"],
-            ADD_ATTR: ["allow", "allowfullscreen", "frameborder", "scrolling"],
-          }),
+          __html: content,
         }}
       />
     );