Skip to content
This repository has been archived by the owner on Nov 3, 2023. It is now read-only.

Commit

Permalink
fix(dashboard): deepmerge htmlSchemaOverrides (apache#23329)
Browse files Browse the repository at this point in the history
  • Loading branch information
justinpark authored Mar 13, 2023
1 parent 82cadcc commit 3919ca6
Show file tree
Hide file tree
Showing 2 changed files with 53 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import React, { useMemo } from 'react';
import ReactMarkdown from 'react-markdown';
import rehypeSanitize, { defaultSchema } from 'rehype-sanitize';
import rehypeRaw from 'rehype-raw';
import { merge } from 'lodash';
import { mergeWith, isArray } from 'lodash';
import { FeatureFlag, isFeatureEnabled } from '../utils';

interface SafeMarkdownProps {
Expand All @@ -29,6 +29,15 @@ interface SafeMarkdownProps {
htmlSchemaOverrides?: typeof defaultSchema;
}

export function getOverrideHtmlSchema(
originalSchema: typeof defaultSchema,
htmlSchemaOverrides: SafeMarkdownProps['htmlSchemaOverrides'],
) {
return mergeWith(originalSchema, htmlSchemaOverrides, (objValue, srcValue) =>
isArray(objValue) ? objValue.concat(srcValue) : undefined,
);
}

function SafeMarkdown({
source,
htmlSanitization = true,
Expand All @@ -42,7 +51,10 @@ function SafeMarkdown({
if (displayHtml && !escapeHtml) {
rehypePlugins.push(rehypeRaw);
if (htmlSanitization) {
const schema = merge(defaultSchema, htmlSchemaOverrides);
const schema = getOverrideHtmlSchema(
defaultSchema,
htmlSchemaOverrides,
);
rehypePlugins.push([rehypeSanitize, schema]);
}
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import { getOverrideHtmlSchema } from '../../src/components/SafeMarkdown';

describe('getOverrideHtmlSchema', () => {
it('should append the override items', () => {
const original = {
attributes: {
'*': ['size'],
},
clobberPrefix: 'original-prefix',
tagNames: ['h1', 'h2', 'h3'],
};
const result = getOverrideHtmlSchema(original, {
attributes: { '*': ['src'], h1: ['style'] },
clobberPrefix: 'custom-prefix',
tagNames: ['iframe'],
});
expect(result.clobberPrefix).toEqual('custom-prefix');
expect(result.attributes).toEqual({ '*': ['size', 'src'], h1: ['style'] });
expect(result.tagNames).toEqual(['h1', 'h2', 'h3', 'iframe']);
});
});

0 comments on commit 3919ca6

Please sign in to comment.