mirror of
https://github.com/seanmorley15/AdventureLog.git
synced 2025-07-23 06:49:37 +02:00
feat: Add file type validation and sanitize markdown input in adventure components
parent
50a732b4d7
commit
7fbcf170d0
6 changed files with 84 additions and 8 deletions
|
@ -14,6 +14,57 @@
|
|||
|
||||
let categories: Category[] = [];
|
||||
|
||||
const allowedFileTypes = [
|
||||
'.pdf',
|
||||
'.doc',
|
||||
'.docx',
|
||||
'.xls',
|
||||
'.xlsx',
|
||||
'.ppt',
|
||||
'.pptx',
|
||||
'.txt',
|
||||
'.png',
|
||||
'.jpg',
|
||||
'.jpeg',
|
||||
'.gif',
|
||||
'.webp',
|
||||
'.mp4',
|
||||
'.mov',
|
||||
'.avi',
|
||||
'.mkv',
|
||||
'.mp3',
|
||||
'.wav',
|
||||
'.flac',
|
||||
'.ogg',
|
||||
'.m4a',
|
||||
'.wma',
|
||||
'.aac',
|
||||
'.opus',
|
||||
'.zip',
|
||||
'.rar',
|
||||
'.7z',
|
||||
'.tar',
|
||||
'.gz',
|
||||
'.bz2',
|
||||
'.xz',
|
||||
'.zst',
|
||||
'.lz4',
|
||||
'.lzma',
|
||||
'.lzo',
|
||||
'.z',
|
||||
'.tar.gz',
|
||||
'.tar.bz2',
|
||||
'.tar.xz',
|
||||
'.tar.zst',
|
||||
'.tar.lz4',
|
||||
'.tar.lzma',
|
||||
'.tar.lzo',
|
||||
'.tar.z',
|
||||
'gpx',
|
||||
'md',
|
||||
'pdf'
|
||||
];
|
||||
|
||||
export let initialLatLng: { lat: number; lng: number } | null = null; // Used to pass the location from the map selection to the modal
|
||||
|
||||
let fileInput: HTMLInputElement;
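Review bot: The last three entries of `allowedFileTypes` (`'gpx'`, `'md'`, `'pdf'`) have no leading dot, so once the list is joined into the `accept` attribute they are neither file extensions nor MIME types and browsers will ignore them. That silently drops the `.gpx` filter the previous attribute had and never adds Markdown; `'pdf'` also duplicates `'.pdf'`. Write them as `'.gpx'`, `'.md'` and delete the stray `'pdf'`. A one-line comment above the array saying it is a picker hint rather than an enforcement point would keep later readers from treating it as validation.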
|
||||
|
@ -783,7 +834,7 @@
|
|||
type="file"
|
||||
id="fileInput"
|
||||
class="file-input file-input-bordered w-full max-w-xs"
|
||||
accept="image/*,video/*,audio/*,application/pdf,.gpx"
|
||||
accept={allowedFileTypes.join(',')}
|
||||
on:change={handleFileChange}
|
||||
/>
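Review bot: `accept={allowedFileTypes.join(',')}` only narrows what the file picker offers; the user can switch the dialog to all files, and a request built outside the browser never sees this attribute. `handleFileChange` is outside this hunk, so I cannot tell whether it re-checks the chosen file name against `allowedFileTypes`; if it does not, add that check for user feedback, and make sure the upload endpoint enforces its own allowlist, ideally on content type rather than extension alone. The new list also admits office documents and archives that the old attribute excluded, which makes the server-side check matter more.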
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
<script lang="ts">
|
||||
import { marked } from 'marked'; // Import the markdown parser
|
||||
import { t } from 'svelte-i18n';
|
||||
import DOMPurify from 'dompurify'; // Import DOMPurify to sanitize HTML
|
||||
|
||||
export let text: string | null | undefined = ''; // Markdown text
|
||||
export let editor_height: string = 'h-64'; // Editor height
|
||||
|
@ -8,7 +9,7 @@
|
|||
|
||||
// Function to parse markdown to HTML
|
||||
const renderMarkdown = (markdown: string) => {
|
||||
return marked(markdown);
|
||||
return marked(markdown) as string;
|
||||
};
|
||||
|
||||
// References for scroll syncing
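Review bot: `marked(markdown) as string` silences the compiler rather than proving the result is a string: depending on the marked version and options the call is typed `string | Promise<string>`, and enabling an async extension later would hand a Promise to the caller with no type error. Prefer a call that is synchronous by construction, e.g. `return marked.parse(markdown, { async: false });` where the installed marked typings provide that overload, and give `renderMarkdown` an explicit `: string` return type. The existing comment could also state the contract, e.g. `// Parses markdown to raw HTML; the result is NOT sanitized`.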
|
||||
|
@ -61,7 +62,7 @@
|
|||
class="prose overflow-auto h-96 max-w-full w-full p-4 border border-base-300 rounded-lg bg-base-300"
|
||||
bind:this={previewRef}
|
||||
>
|
||||
{@html renderMarkdown(text || '')}
|
||||
{@html DOMPurify.sanitize(renderMarkdown(text || ''))}
|
||||
</article>
|
||||
{/if}
|
||||
</div>
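Review bot: Sanitization is applied at this one `{@html}` site while `renderMarkdown` still returns raw HTML, so any other caller of the helper stays unsanitized by default. Consider moving it into the helper, `return DOMPurify.sanitize(marked(markdown) as string);`, so the safe path is the only path. Also, `dompurify` needs a DOM: if this `{#if}` branch (its condition is outside the hunk) can render during server-side rendering, the call may throw or pass input through unchanged depending on the DOMPurify version, so guard the render to the browser or use a DOM-backed setup on the server.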
|
||||
|
|