fix: sanitize AI review HTML before rendering to prevent stored XSS #3673
Swately wants to merge 1 commit into
Conversation
ViewAiReviewView renders marked.parse(review.ai_review_text) directly into dangerouslySetInnerHTML. marked does not sanitize, so any HTML/script the registry returns in ai_review_text executes in the user's DOM. Wrap the parsed output in DOMPurify.sanitize. Adds dompurify as a runtime dependency and a regression test (jsdom + the real DOMPurify pipeline) covering onerror, <script> and javascript: payloads, and confirming normal markdown survives. Full suite green. Co-Authored-By: Claude <noreply@anthropic.com>
This PR has been automatically marked as stale because it has had no recent activity. It will be closed if no further activity occurs.
This PR was closed because it has been inactive for 1 day since being marked as stale.
ViewAiReviewView renders marked.parse(review.ai_review_text) straight into dangerouslySetInnerHTML. marked doesn't sanitize, so any HTML/script the registry returns in ai_review_text executes in the user's DOM (stored XSS).

Fix: wrap the parsed output in DOMPurify.sanitize(...). dompurify added as a runtime dependency (browser-native, light); regression test added (jsdom + the real DOMPurify pipeline) covering onerror, <script> and javascript: payloads, and confirming normal markdown survives. Full suite green.

Out of scope (separate concern noted in #3376): the postMessage handler in RunFrameWithIframe.tsx lacks an event.origin check — the right fix needs your input on which origins are legitimate, so I left it for a follow-up.

Fixes #3376
Authored with AI assistance, reviewed and submitted under my responsibility.
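The three payload classes the PR's regression test covers (an `onerror` handler, a `<script>` element, a `javascript:` URL) are exactly the things an allowlist sanitizer sitting between `marked.parse` and `dangerouslySetInnerHTML` has to strip, while leaving ordinary markdown output alone. The following is an added example, not code from this PR or the project, and it does not use DOMPurify: it is a small stand-in allowlist sanitizer on Python's standard-library `html.parser`, written to make those rules concrete and testable offline. The `SAMPLES` strings are constructed by hand to look like what `marked` emits for those inputs; `ALLOWED_TAGS`, `ALLOWED_ATTRS`, `SAFE_SCHEMES` and `is_safe_url` are this example's own choices. Use it to reason about what the real DOMPurify pipeline must assert, not as a substitute for DOMPurify in a browser.

```python
"""Stand-in allowlist HTML sanitizer: models what the DOMPurify.sanitize step
between marked.parse() and dangerouslySetInnerHTML has to remove.
Added example; not DOMPurify and not a replacement for it."""
import re
from html import escape
from html.parser import HTMLParser

# Elements ordinary markdown rendering produces; none can carry script on its own.
ALLOWED_TAGS = {"p", "br", "hr", "em", "strong", "code", "pre", "blockquote",
                "ul", "ol", "li", "a", "img", "h1", "h2", "h3", "h4", "h5", "h6"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt", "title"}, "code": {"class"}}
URL_ATTRS = {"href", "src"}                 # attributes whose value is a URL
SAFE_SCHEMES = {"http", "https", "mailto"}  # assumption: what this app needs to link to
VOID_TAGS = {"br", "hr", "img"}
# Dropped together with their content: text inside <script> must not resurface.
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "embed", "template", "svg", "math"}


def is_safe_url(value):
    """True for relative URLs and for absolute URLs with an allowlisted scheme."""
    # Browsers ignore tabs/newlines/control chars inside a scheme, so "java\nscript:"
    # is still javascript:. Strip them before looking at the scheme.
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", value).lower()
    m = re.match(r"^([a-z][a-z0-9+.\-]*):", cleaned)
    return m is None or m.group(1) in SAFE_SCHEMES   # no scheme means relative


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)  # entities decoded, re-escaped on output
        self.out, self.open_tags, self.skip = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
            return
        if self.skip or tag not in ALLOWED_TAGS:
            return                       # unknown element: drop the tag, keep its text
        kept = []
        for name, value in attrs:
            value = "" if value is None else value
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, set()):
                continue                 # event handlers and anything not allowlisted
            if name in URL_ATTRS and not is_safe_url(value):
                continue                 # javascript:, data:, vbscript: and friends
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
            return
        if self.skip or tag not in self.open_tags:
            return
        while self.open_tags:            # close anything left open inside this element
            t = self.open_tags.pop()
            self.out.append(f"</{t}>")
            if t == tag:
                break

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

    def result(self):
        self.close()
        while self.open_tags:            # close elements the input left unclosed
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)


def sanitize_html(html):
    """Return the allowlisted subset of `html` as a string, like DOMPurify.sanitize."""
    s = AllowlistSanitizer()
    s.feed(html)
    return s.result()


# Constructed samples shaped like marked.parse() output for the PR's three payload
# classes, plus ordinary markdown output that must pass through unchanged.
SAMPLES = {
    "onerror":    '<p><img src="x" onerror="alert(1)"></p>',
    "script":     '<script>alert(1)</script><p>after</p>',
    "javascript": '<p><a href="javascript:alert(1)">click</a></p>',
    "benign":     '<p>Looks <strong>fine</strong>: see <a href="https://example.com/r">the report</a></p>',
}

if __name__ == "__main__":
    for name, html in SAMPLES.items():
        print(f"{name:10} {sanitize_html(html)}")
```

The dropped-with-content set matters as much as the tag allowlist: stripping only the `<script>` tags would leave `alert(1)` in the DOM as harmless text here, but the same choice for `<style>` or `<iframe>` can leak their bodies into the page, so the model drops both tag and content, which is what the real DOMPurify pipeline in the PR's test should be asserted to do as well.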