moved around html sanitizing to fix html not being rendered when loading chat messages

2019-12-07 13:34:54 +05:30 · 2019-12-07 13:34:54 +05:30 · e110ce5135
commit e110ce5135
parent 6ecdf34b64
4 changed files with 28 additions and 9 deletions
--- a/chatto/src/main/javascript/package.json
+++ b/chatto/src/main/javascript/package.json
@ -1,6 +1,7 @@
 {
    "dependencies": {
        "@types/dompurify": "^2.0.0",
+        "@types/jquery": "^3.3.31",
        "@types/markdown-it": "^0.0.9",
        "@types/sjcl": "^1.0.28",
        "@types/sprintf-js": "^1.1.2",
--- a/chatto/src/main/javascript/ts/src/view/ChatView.ts
+++ b/chatto/src/main/javascript/ts/src/view/ChatView.ts
@ -28,14 +28,17 @@ export class ChatView implements Observer {
        log.info('ChatView: updating view');
        let html: string = "";
        data.forEach((vm: ChatMessageViewModel) => {
-            html += this._messageSendTemplate(vm);
+            const vmTemp = vm;
+            vmTemp.message = md.render(vm.message);
+            $(this._element).append(DOMPurify.sanitize(this._messageSendTemplate(vmTemp)));
+            // html += this._messageSendTemplate(vm);
        });

        /** Very Important!!!
         * Sanitizing HTML before displaying on webpage to prevent XSS attacks!!
         */
-        html = DOMPurify.sanitize(md.render(html));
-        this._element.innerHTML = html;
-        log.debug(this._element.innerHTML);
+        // html = DOMPurify.sanitize(md.render(html));
+        // this._element.innerHTML = html;
+        // log.debug(this._element.innerHTML);
    }
 }
--- a/chatto/src/main/javascript/yarn.lock
+++ b/chatto/src/main/javascript/yarn.lock
@ -9,6 +9,13 @@
  dependencies:
    "@types/trusted-types" "*"

+"@types/jquery@^3.3.31":
+  version "3.3.31"
+  resolved "https://registry.yarnpkg.com/@types/jquery/-/jquery-3.3.31.tgz#27c706e4bf488474e1cb54a71d8303f37c93451b"
+  integrity sha512-Lz4BAJihoFw5nRzKvg4nawXPzutkv7wmfQ5121avptaSIXlDNJCUuxZxX/G+9EVidZGuO0UBlk+YjKbwRKJigg==
+  dependencies:
+    "@types/sizzle" "*"
+
 "@types/linkify-it@*":
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/@types/linkify-it/-/linkify-it-2.1.0.tgz#ea3dd64c4805597311790b61e872cbd1ed2cd806"
@ -21,6 +28,11 @@
  dependencies:
    "@types/linkify-it" "*"

+"@types/sizzle@*":
+  version "2.3.2"
+  resolved "https://registry.yarnpkg.com/@types/sizzle/-/sizzle-2.3.2.tgz#a811b8c18e2babab7d542b3365887ae2e4d9de47"
+  integrity sha512-7EJYyKTL7tFR8+gDbB6Wwz/arpGa0Mywk1TJbNzKzHtzbwVmY4HR9WqS5VV7dsBUKQmPNr192jHr/VpBluj/hg==
+
 "@types/sjcl@^1.0.28":
  version "1.0.28"
  resolved "https://registry.yarnpkg.com/@types/sjcl/-/sjcl-1.0.28.tgz#4693eb6943e385e844a70fb25b4699db286c7214"
--- a/chatto/src/main/resources/static/js/bundle.js
+++ b/chatto/src/main/resources/static/js/bundle.js