Merge pull request #16 from withinJoel/alert-autofix-25

Fix code scanning alert no. 25: DOM text reinterpreted as HTML
withinJoel · Dec 18, 2024 · f773a11 · f773a11
2 parents 38afd46 + 9a4394b
commit f773a11
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/Modules/Packages/Upscale.js b/Modules/Packages/Upscale.js
@@ -1,7 +1,9 @@
+import DOMPurify from 'dompurify';
 //Upscale
 async function upscaleAndDownloadImage(data) {
     try {
-        const imageUrl = imagedir + data;
+        const sanitizedData = DOMPurify.sanitize(data);
+        const imageUrl = imagedir + sanitizedData;
         const imgOriginal = document.createElement('img');
         imgOriginal.src = imageUrl;
         imgOriginal.style.position = 'fixed';

diff --git a/package.json b/package.json
@@ -15,6 +15,7 @@
   },
   "dependencies": {
     "axios": "^1.7.9",
-    "electron-context-menu": "^4.0.4"
+    "electron-context-menu": "^4.0.4",
+    "dompurify": "^3.2.3"
   }
 }