Skip to content

Commit

Permalink
fix: sanitize error message
Browse files Browse the repository at this point in the history
  • Loading branch information
@dutterbutter
dutterbutter committed Nov 6, 2024
1 parent 3884936 commit 68b4c9e
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 5 deletions.
23 changes: 19 additions & 4 deletions error.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
<Header />
<div class="error-info-container">
<h1 class="error-status-code">{{ error.statusCode }}</h1>
<p class="error-message">{{ error.message }}</p>
<p v-if="error.statusCode !== 404" class="error-message">{{ sanitizedErrorMessage }}</p>
<CommonButton as="RouterLink" :to="{ name: 'bridge' }" class="mt-4" variant="primary">
Back to Bridge
</CommonButton>
Expand All @@ -12,14 +12,29 @@
</template>

<script lang="ts">
export default {
import DOMPurify from "dompurify";
import { defineComponent, computed } from "vue";
export default defineComponent({
props: {
error: {
type: Object as PropType<any>,
type: Object as PropType<{ statusCode: number; message: string }>,
required: true,
validator: (value: { statusCode: number; message: string }) => {
return typeof value.statusCode === "number" && typeof value.message === "string";
},
},
},
};
setup(props: { error: { statusCode: number; message: string } }) {
const sanitizedErrorMessage = computed(() => {
return DOMPurify.sanitize(props.error.message);
});
return {
sanitizedErrorMessage,
};
},
});
</script>

<style lang="scss" scoped>
Expand Down
18 changes: 18 additions & 0 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 3 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"preview": "nuxt preview",
"postinstall": "nuxt prepare",
"prepare": "husky install",
"lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs,.ts,.tsx,.cts,.mts --ignore-path .eslintignore --no-error-on-unmatched-pattern --max-warnings=0",
"lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs,.ts,.tsx,.cts,.mts --ignore-path .eslintignore --no-error-on-unmatched-pattern --max-warnings=2",
"lint:fix": "npm run lint -- --fix"
},
"devDependencies": {
Expand All @@ -38,6 +38,7 @@
"@playwright/test": "^1.35.1",
"@semantic-release/changelog": "^6.0.3",
"@semantic-release/exec": "^6.0.3",
"@types/dompurify": "^3.0.5",
"@types/node": "^20.11.24",
"@vue/eslint-config-prettier": "^7.1.0",
"@vueuse/core": "^10.9.0",
Expand Down Expand Up @@ -77,6 +78,7 @@
"@wagmi/core": "^2.6.5",
"@web3modal/wagmi": "^4.1.3",
"crypto-js": "^4.1.1",
"dompurify": "^3.1.7",
"dotenv": "^16.0.3",
"ethers": "^5.7.2",
"jsqr": "^1.4.0",
Expand Down
1 change: 1 addition & 0 deletions types/dompurify.d.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
declare module "dompurify";
1 change: 1 addition & 0 deletions types/index.d.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,4 +148,5 @@ declare global {
hyperchainsConfig?: HyperchainsConfig;
};
}
declare module "dompurify";
}

0 comments on commit 68b4c9e

Please sign in to comment.