Feat/mdstream safe

[DingGao-Devin]

Summary by CodeRabbit

• New Features

  • File messages now include both file identifiers and URLs, improving access to uploaded files.

• Bug Fixes

  • Enhanced HTML sanitization to better protect against XSS vulnerabilities when rendering rich text.
  • Improved URL validation in links to more effectively block unsafe "javascript:" links, even if obfuscated.

• Tests

  • Expanded test content for markdown rendering with additional XSS scenarios to ensure improved security.

[coderabbitai]

Walkthrough

This update enhances XSS protection in the @coze/chat-sdk package by adding the xss dependency, sanitizing rendered HTML, strengthening URL validation, and expanding markdown test cases with various XSS payloads. The version is incremented and several change log files are added to document these modifications.

Changes

Files/Paths	Change Summary
common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-02-57.json common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-04-00.json common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-07-01-12-49.json	Added change log JSON files documenting minor updates for XSS fixes and metadata.
packages/chat-sdk/package.json	Bumped version to 0.1.11-beta.18; added xss as a dependency.
packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts	Included file_url alongside file_id in file message payloads and upload results.
packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/html/index.tsx	Sanitized HTML content using xss before rendering with RichText.
packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/link/index.tsx	Improved URL validation to better detect and block "javascript:" links, handling whitespace and casing.
packages/chat-sdk/src/pages/markdown/const.ts	Expanded markdown constant with numerous XSS payloads and updated a test link to use a malicious javascript: URL.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant MarkdownRenderer
    participant XSSSanitizer
    participant UI

    User->>MarkdownRenderer: Submit markdown with HTML
    MarkdownRenderer->>XSSSanitizer: Sanitize HTML content
    XSSSanitizer-->>MarkdownRenderer: Return sanitized HTML
    MarkdownRenderer->>UI: Render sanitized content

    User->>MarkdownRenderer: Submit markdown with link
    MarkdownRenderer->>MarkdownRenderer: Validate URL (strip whitespace, check for "javascript")
    alt URL is safe
        MarkdownRenderer->>UI: Render link
    else URL is unsafe
        MarkdownRenderer->>UI: Render as plain text or block
    end

Loading

Possibly related PRs

• Feat/mdstream safe #263: Directly related as it modifies the same XSS protection logic, dependency management, and markdown test cases in @coze/chat-sdk.

Suggested reviewers

• jackshen310

Poem

In the meadow of code where the wild bugs play,
A rabbit hopped in and swept XSS away.
With sanitizer shield and vigilant eyes,
Unsafe links and scripts met their demise.
Now markdown is safe, from field to stream—
Let’s celebrate this patch, a coder’s dream! 🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

gaoding.devingao seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-04-00.json (1)

5-5: Improve the change description for clarity.

The comment "修改g" appears incomplete or cryptic. Consider using a more descriptive message that explains what specific modification was made. Other change files in this PR use clearer descriptions like "解决html的xss问题" (solving HTML XSS problem).

-      "comment": "修改g",
+      "comment": "修改HTML渲染安全性",

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 591dce2 and 0dc6513.

⛔ Files ignored due to path filters (1)

• common/config/subspaces/default/pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (8)

• common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-02-57.json (1 hunks)
• common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-04-00.json (1 hunks)
• common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-07-01-12-49.json (1 hunks)
• packages/chat-sdk/package.json (3 hunks)
• packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts (2 hunks)
• packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/html/index.tsx (2 hunks)
• packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/link/index.tsx (1 hunks)
• packages/chat-sdk/src/pages/markdown/const.ts (2 hunks)

🧰 Additional context used

🧠 Learnings (9)

📓 Common learnings

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-04-00.json (2)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

Learnt from: huntye1
PR: coze-dev/coze-js#25
File: codecov.yml:4-8
Timestamp: 2024-11-12T09:27:06.509Z
Learning: In the `coze-js` project, when configuring `codecov.yml`, prefer using default settings initially for stability unless there's a specific need to change them.

packages/chat-sdk/package.json (1)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-07-01-12-49.json (2)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

Learnt from: huntye1
PR: coze-dev/coze-js#25
File: codecov.yml:4-8
Timestamp: 2024-11-12T09:27:06.509Z
Learning: In the `coze-js` project, when configuring `codecov.yml`, prefer using default settings initially for stability unless there's a specific need to change them.

common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-02-57.json (1)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/html/index.tsx (1)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/link/index.tsx (1)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts (1)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

packages/chat-sdk/src/pages/markdown/const.ts (1)

Learnt from: DingGao-Devin
PR: coze-dev/coze-js#104
File: packages/chat-sdk/src/pages/chat/index.tsx:37-41
Timestamp: 2025-02-24T03:34:17.077Z
Learning: The file `packages/chat-sdk/src/pages/chat/index.tsx` is a test implementation and doesn't require production-level improvements.

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Node.js v20 (ubuntu-latest)
• GitHub Check: A job to sync events to Lark

🔇 Additional comments (9)

packages/chat-sdk/package.json (2)

3-3: Version bump is appropriate for security improvements.

The minor version increment is correctly applied for the XSS protection features being added to the package.

---

87-87: No action needed: ‘xss’ is up-to-date and secure

Version 1.0.15 is the latest release (March 3, 2024) and has no known vulnerabilities according to both npm and Snyk assessments. You can safely retain this dependency as is.

common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-07-01-12-49.json (1)

1-12: Clear and descriptive change documentation.

The change log entry properly documents the file URL modification with a clear, descriptive comment.

common/changes/@coze/chat-sdk/feat-mdstream-safe_2025-06-16-02-57.json (1)

1-12: Excellent change documentation.

The change log entry clearly describes the XSS security fix with a descriptive comment in Chinese. This is a good example of proper change documentation.

packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/html/index.tsx (2)

3-3: XSS library import is correctly added.

The import statement properly includes the xss library needed for HTML sanitization.

---

17-17: Proper XSS sanitization implementation.

The HTML content is correctly sanitized using xss(node.value) before being passed to the RichText component. This effectively mitigates XSS attacks by removing dangerous HTML elements and attributes while preserving safe content.

packages/chat-sdk/src/libs/ui-kit/atomic/md-stream/render/phrase/link/index.tsx (1)

22-22: Excellent XSS protection enhancement!

The improved URL validation effectively prevents javascript: URL bypass attempts by removing all whitespace and using case-insensitive matching. This addresses common XSS evasion techniques like "java script:", "JAVASCRIPT:", or "java\tscript:".

packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts (1)

64-66: Good enhancement to include file URL in message content.

Including both file_id and file_url provides complete file metadata for downstream consumers. The fallback to undefined is appropriate for optional properties.

packages/chat-sdk/src/pages/markdown/const.ts (1)

2-89: Comprehensive XSS test coverage added.

The extensive collection of XSS payloads provides excellent test coverage for various attack vectors including:

• Control character injection to bypass javascript: URL detection
• Event handler injection across multiple HTML elements
• Script tag variations with different encoding/whitespace
• Attribute and tag injection attempts

This robust test suite will help validate the effectiveness of the XSS protections implemented in other components.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Address TypeScript type issues instead of suppressing them.

The TypeScript linter disable suggests that the upload response type doesn't include a url property. Consider updating the type definitions to properly reflect the API response structure.

-            // @ts-expect-error -- linter-disable-autofix
-            packResult.file_url = res.url;
+            packResult.file_url = res.url;

Update the upload response type definition to include the url property, or verify that the API actually returns this field.

---

🏁 Script executed:

#!/bin/bash
# Description: Verify the upload response type definition includes url property
# Expected: Find type definitions for upload response to confirm url property

# Search for upload response type definitions
ast-grep --pattern 'interface $_ {
  $$$
  id: $_
  $$$
}'

# Also search for upload method return types
rg -A 10 -B 5 "upload.*:" --type ts

Length of output: 56007

---

🏁 Script executed:

#!/bin/bash
# Search for FileResult type definitions
rg -R "interface FileResult" -A5 -B5 --type ts

Length of output: 453

---

🏁 Script executed:

#!/bin/bash
# Display context around the ts-expect-error in multi-send-message.ts
sed -n '120,160p' packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts

Length of output: 1304

---

---

🏁 Script executed:

#!/bin/bash
# Find FileResult definition and context in mini-coze-api
grep -R "FileResult" -n packages/chat-sdk/src/libs/utils/mini-coze-api.ts || true
sed -n '1,200p' packages/chat-sdk/src/libs/utils/mini-coze-api.ts

Length of output: 6304

---

Add the url field to your FileObject type and remove the suppression

You’re suppressing a real TypeScript error because the upload response TypeScript definitions don’t include the URL property. To fix:

• packages/coze-js/src/resources/files/files.ts
– Extend FileObject with the url field to match what the API actually returns.

export interface FileObject {
  /** The ID of the uploaded file. */
  id: string;
  /** The total number of bytes in the file. */
  bytes: number;
  /** The upload time, formatted as a 10-digit Unix timestamp in seconds. */
  created_at: number;
  /** The name of the file. */
  file_name: string;
+ /** Public URL of the uploaded file. */
+ url: string;
}

• packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts
– Remove the @ts-expect-error and re-enable the assignment once the type is correct.

-            // @ts-expect-error -- linter-disable-autofix
-            packResult.file_url = res.url;
+            packResult.file_url = res.url;

After updating the type, run your build to verify the error is gone and the field is available at runtime.

🤖 Prompt for AI Agents

In packages/coze-js/src/resources/files/files.ts, extend the FileObject type to
include the url field to reflect the actual API response. Then, in
packages/chat-sdk/src/libs/services/helper/message/send-message/multi-send-message.ts
at lines 138-139, remove the @ts-expect-error comment and keep the assignment of
packResult.file_url = res.url. Finally, run the build to confirm the TypeScript
error is resolved and the url field is properly recognized.