RED-5546 dom sanitization

Timo Bejan 2022-11-21 13:12:27 +02:00
parent f88914fbe8
commit 61926f5de6
2 changed files with 18 additions and 3 deletions


@ -92,5 +92,4 @@ export class TableContentComponent<Class extends IListable<PrimaryKey>, PrimaryK
private _disableMultiSelect() {
this._multiSelectActive$.next(false);
}
}


@ -1,4 +1,4 @@
import { Injectable } from '@angular/core';
import { Injectable, SecurityContext } from '@angular/core';
import { ActiveToast, ToastrService } from 'ngx-toastr';
import { IndividualConfig } from 'ngx-toastr/toastr/toastr-config';
import { NavigationStart, Router } from '@angular/router';
@ -6,6 +6,8 @@ import { TranslateService } from '@ngx-translate/core';
import { HttpErrorResponse, HttpStatusCode } from '@angular/common/http';
import { filter } from 'rxjs/operators';
import { ErrorMessageService } from './error-message.service';
import { DomSanitizer } from '@angular/platform-browser';
import { stripHtml } from 'string-strip-html';
const enum NotificationType {
SUCCESS = 'SUCCESS',
@ -42,6 +44,7 @@ export class Toaster {
constructor(
private readonly _toastr: ToastrService,
private readonly _router: Router,
private readonly _domSanitize: DomSanitizer,
private readonly _translateService: TranslateService,
private readonly _errorMessageService: ErrorMessageService,
) {
@ -78,7 +81,20 @@ export class Toaster {
notificationType = NotificationType.INFO,
options?: Partial<ToasterOptions>,
): ActiveToast<unknown> {
const translatedMsg = this._translateService.instant(message, options?.params) as string;
const sanitized :any = {};
if(options?.params) {
const params : any = options?.params;
for (let key of Object.keys(params)) {
const value = params[key];
sanitized[key] = stripHtml(value).result;
}
}
console.log(sanitized);
const translatedMsg = this._translateService.instant(message, sanitized) as string;
switch (notificationType) {
case NotificationType.SUCCESS:
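Review bot: In the new parameter loop, `stripHtml(value)` runs on every entry of `options.params`, but translation parameters are often numbers or other non-string values and `stripHtml` expects a string, so such a toast would likely throw instead of rendering; guard it with `sanitized[key] = typeof value === 'string' ? stripHtml(value).result : value;`. The `console.log(sanitized);` line looks like leftover debugging and would write every toast's parameters, which can include user-supplied text, to the browser console, so it should be removed. Only the interpolation parameters are stripped, while the translated message itself is passed on unchanged, and the newly imported `SecurityContext` and injected `_domSanitize` are not used in the visible hunks; if the toast is rendered as HTML, consider `this._domSanitize.sanitize(SecurityContext.HTML, translatedMsg)` on the final string. The enclosing method starts and ends outside this hunk.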