arian/navidrome
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge commit from fork

Browse Source 
* Rework frontend code interacting directly with DOM

Rework frontend code that uses user-supplied data to render things like
comments and notes. In places where using React's built-in sanitization
is possible, the feature is used. In other places, where some markup
might be necessary, DOMPurify is used to sanitize the HTML before
rendering it.

Solves: GHSA-rh3r-8pxm-hg4w

* Remove test post DOM rework

* fixup! Rework frontend code interacting directly with DOM
This commit is contained in:
Alex Gustafsson
2026-02-03 18:22:57 +01:00
committed by GitHub
parent c3a4585c83
commit d7ec7355c9
11 changed files with 99 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ui/package.json
+1
View File
@@ -27,6 +27,7 @@
"clsx": "^2.1.1",
"connected-react-router": "^6.9.3",
"deepmerge": "^4.3.1",
"dompurify": "^3.3.1",
"history": "^4.10.1",
"inflection": "^3.0.2",
"jwt-decode": "^4.0.0",