[arvados-workbench2] updated: 2.7.0-11-gbc80b56b
git repository hosting
git at public.arvados.org
Fri Oct 13 17:45:27 UTC 2023
Summary of changes:
src/common/html-sanitize.ts | 7 +++++--
src/store/resources/resources-actions.ts | 4 +++-
src/store/resources/resources-reducer.ts | 24 ++++++++++++++--------
.../data-explorer/data-explorer.tsx | 1 +
.../details-panel/project-details.tsx | 3 +--
5 files changed, 25 insertions(+), 14 deletions(-)
via bc80b56b75691f7571e3b86f3bb50cc26ce9d5b0 (commit)
from 72964a6aba83a007fdafebb5131197fbe0e33929 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit bc80b56b75691f7571e3b86f3bb50cc26ce9d5b0
Author: Lisa Knox <lisaknox83 at gmail.com>
Date: Fri Oct 13 13:45:16 2023 -0400
21026: sanitizer in place Arvados-DCO-1.1-Signed-off-by: Lisa Knox <lisa.knox at curii.com>
diff --git a/src/common/html-sanitize.ts b/src/common/html-sanitize.ts
index 9c1ac550..3bdc09e2 100644
--- a/src/common/html-sanitize.ts
+++ b/src/common/html-sanitize.ts
@@ -46,8 +46,11 @@ const domPurifyConfig: TDomPurifyConfig = {
};
export const sanitizeHTML = (dirtyInput: string): string => {
- console.log('dirty ->',dirtyInput);
+ console.log('dirty------', dirtyInput);
+
const clean = DOMPurify.sanitize(dirtyInput, domPurifyConfig);
- console.log('clean =>',clean);
+
+ console.log('clean------', clean);
+
return clean;
};
diff --git a/src/store/resources/resources-actions.ts b/src/store/resources/resources-actions.ts
index 1d1355a8..aff338f0 100644
--- a/src/store/resources/resources-actions.ts
+++ b/src/store/resources/resources-actions.ts
@@ -15,8 +15,10 @@ import { TagProperty } from 'models/tag';
import { change, formValueSelector } from 'redux-form';
import { ResourcePropertiesFormData } from 'views-components/resource-properties-form/resource-properties-form';
+export type ResourceWithDescription = Resource & { description?: string }
+
export const resourcesActions = unionize({
- SET_RESOURCES: ofType<Resource[]>(),
+ SET_RESOURCES: ofType<ResourceWithDescription[] >(),
DELETE_RESOURCES: ofType<string[]>()
});
diff --git a/src/store/resources/resources-reducer.ts b/src/store/resources/resources-reducer.ts
index bb0cd383..02b8f38f 100644
--- a/src/store/resources/resources-reducer.ts
+++ b/src/store/resources/resources-reducer.ts
@@ -2,16 +2,22 @@
//
// SPDX-License-Identifier: AGPL-3.0
+import { sanitizeHTML } from 'common/html-sanitize';
import { ResourcesState, setResource, deleteResource } from './resources';
import { ResourcesAction, resourcesActions } from './resources-actions';
-export const resourcesReducer = (state: ResourcesState = {}, action: ResourcesAction) =>
- resourcesActions.match(action, {
- SET_RESOURCES: resources => resources.reduce(
- (state, resource) => setResource(resource.uuid, resource)(state),
- state),
- DELETE_RESOURCES: ids => ids.reduce(
- (state, id) => deleteResource(id)(state),
- state),
+export const resourcesReducer = (state: ResourcesState = {}, action: ResourcesAction) => {
+ if (Array.isArray(action.payload)) {
+ for (const item of action.payload) {
+ if (typeof item === 'object' && item.description) {
+ item.description = sanitizeHTML(item.description);
+ }
+ }
+ }
+
+ return resourcesActions.match(action, {
+ SET_RESOURCES: resources => resources.reduce((state, resource) => setResource(resource.uuid, resource)(state), state),
+ DELETE_RESOURCES: ids => ids.reduce((state, id) => deleteResource(id)(state), state),
default: () => state,
- });
\ No newline at end of file
+ });
+};
\ No newline at end of file
diff --git a/src/views-components/data-explorer/data-explorer.tsx b/src/views-components/data-explorer/data-explorer.tsx
index 59c389ac..f8f030eb 100644
--- a/src/views-components/data-explorer/data-explorer.tsx
+++ b/src/views-components/data-explorer/data-explorer.tsx
@@ -22,6 +22,7 @@ interface Props {
}
const mapStateToProps = (state: RootState, { id }: Props) => {
+ // console.log(state.form.projectUpdateFormName? state.form.projectUpdateFormName:'')
const progress = state.progressIndicator.find(p => p.id === id);
const dataExplorerState = getDataExplorer(state.dataExplorer, id);
const currentRoute = state.router.location ? state.router.location.pathname : '';
diff --git a/src/views-components/details-panel/project-details.tsx b/src/views-components/details-panel/project-details.tsx
index ecc8c328..7dc6709d 100644
--- a/src/views-components/details-panel/project-details.tsx
+++ b/src/views-components/details-panel/project-details.tsx
@@ -22,7 +22,6 @@ import { openProjectUpdateDialog, ProjectUpdateFormDialogData } from 'store/proj
import { RootState } from 'store/store';
import { ResourcesState } from 'store/resources/resources';
import { resourceIsFrozen } from 'common/frozen-resources';
-import { sanitizeHTML } from 'common/html-sanitize';
export class ProjectDetails extends DetailsData<ProjectResource> {
getIcon(className?: string) {
@@ -103,7 +102,7 @@ const ProjectDetailsComponent = connect(mapStateToProps, mapDispatchToProps)(
{project.description ?
<RichTextEditorLink
title={`Description of ${project.name}`}
- content={sanitizeHTML(project.description)}
+ content={project.description}
label='Show full description' />
: '---'
}
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list