Add safe_html() for XSS-safe WYSIWYG HTML sanitization

🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-25 23:39:42 +00:00
parent 1322bbf988
commit 1abbac58e7
419 changed files with 39662 additions and 154 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -32,6 +32,7 @@
                "concat-with-sourcemaps": "^1.1.0",
                "cross-env": "^7.0.3",
                "decomment": "^0.9.5",
+                "dompurify": "^3.3.1",
                "easymde": "^2.20.0",
                "esbuild": "^0.25.9",
                "jquery": "^3.7.1",
@@ -4203,6 +4204,13 @@
                "@types/estree": "*"
            }
        },
+        "node_modules/@types/trusted-types": {
+            "version": "2.0.7",
+            "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
+            "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==",
+            "license": "MIT",
+            "optional": true
+        },
        "node_modules/@types/uglify-js": {
            "version": "3.17.5",
            "resolved": "https://registry.npmjs.org/@types/uglify-js/-/uglify-js-3.17.5.tgz",
@@ -6630,6 +6638,15 @@
                "url": "https://github.com/fb55/domhandler?sponsor=1"
            }
        },
+        "node_modules/dompurify": {
+            "version": "3.3.1",
+            "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.1.tgz",
+            "integrity": "sha512-qkdCKzLNtrgPFP1Vo+98FRzJnBRGe4ffyCea9IwHB1fyxPOeNTHpLKYGd4Uk9xvNoH0ZoOjwZxNptyMwqrId1Q==",
+            "license": "(MPL-2.0 OR Apache-2.0)",
+            "optionalDependencies": {
+                "@types/trusted-types": "^2.0.7"
+            }
+        },
        "node_modules/domutils": {
            "version": "2.8.0",
            "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz",