Hugging Face's logo

Spaces:
awacke1
/
Authenticate-chat-ui
Build error

App Files Community
Adrien Denat coyotte508 HF Staff commited on
Commit
0ca99f1
·
unverified ·
1 Parent(s): b7f9ccb

add basic html sanitizing (#40)

Browse files

* add basic html sanitizing

* fix prose overriding styling of code block

* lazy load HTML sanitizer

* simplify sanitization

* make sure sanitizedContent is kicking in on prop changes

Co-authored-by: Eliott C. <[email protected]>

* fix reactive statement not running on SSR

---------

Co-authored-by: Eliott C. <[email protected]>

Files changed (2) hide show
  1. src/lib/components/chat/ChatMessage.svelte +7 -3
  2. src/styles/main.css +1 -1
src/lib/components/chat/ChatMessage.svelte CHANGED
@@ -6,6 +6,10 @@
6
 
7
  import CopyToClipBoardBtn from '../CopyToClipBoardBtn.svelte';
8
 
 
 
 
 
9
  export let message: Message;
10
  let html = '';
11
  let el: HTMLElement;
@@ -49,9 +53,9 @@
49
  renderer
50
  };
51
 
52
- $: browser && marked(message.content, options, handleParsed);
53
 
54
- html = marked(message.content, options);
55
 
56
  afterUpdate(() => {
57
  if (el) {
@@ -83,7 +87,7 @@
83
  class="mt-5 w-3 h-3 flex-none rounded-full shadow-lg"
84
  />
85
  <div
86
- class="relative rounded-2xl px-5 py-3.5 border border-gray-100 bg-gradient-to-br from-gray-50 dark:from-gray-800/40 dark:border-gray-800 prose text-gray-600 dark:text-gray-300"
87
  bind:this={el}
88
  >
89
  {@html html}
 
6
 
7
  import CopyToClipBoardBtn from '../CopyToClipBoardBtn.svelte';
8
 
9
+ function sanitizeMd(md: string) {
10
+ return md.replaceAll('<', '&lt;');
11
+ }
12
+
13
  export let message: Message;
14
  let html = '';
15
  let el: HTMLElement;
 
53
  renderer
54
  };
55
 
56
+ $: browser && marked(sanitizeMd(message.content), options, handleParsed);
57
 
58
+ html = marked(sanitizeMd(message.content), options);
59
 
60
  afterUpdate(() => {
61
  if (el) {
 
87
  class="mt-5 w-3 h-3 flex-none rounded-full shadow-lg"
88
  />
89
  <div
90
+ class="prose dark:prose-invert :prose-pre:bg-gray-100 dark:prose-pre:bg-gray-950 relative rounded-2xl px-5 py-3.5 border border-gray-100 bg-gradient-to-br from-gray-50 dark:from-gray-800/40 dark:border-gray-800 text-gray-600 dark:text-gray-300"
91
  bind:this={el}
92
  >
93
  {@html html}
src/styles/main.css CHANGED
@@ -16,7 +16,7 @@
16
  }
17
 
18
  .code-block {
19
- @apply relative bg-gray-100 dark:bg-gray-950 rounded-lg my-4;
20
  }
21
 
22
  .code-block > pre {
 
16
  }
17
 
18
  .code-block {
19
+ @apply relative rounded-lg my-4;
20
  }
21
 
22
  .code-block > pre {