Sanitize chat messages to render in Obsidian, Desktop, Web apps

Use DOMPurify to escape any unsafe HTML in chat message before adding it to DOM via innerHTML updates to a HTML element
2026-03-02 21:19:12 +00:00 · 2024-05-29 15:39:49 +05:30
parent 9f80c2ab76
commit b757ba664f
7 changed files with 680 additions and 135 deletions
--- a/src/interface/obsidian/package.json
+++ b/src/interface/obsidian/package.json
@@ -17,6 +17,7 @@
        "assistant"
    ],
    "devDependencies": {
+        "@types/dompurify": "^3.0.5",
        "@types/node": "^16.11.6",
        "@typescript-eslint/eslint-plugin": "5.29.0",
        "@typescript-eslint/parser": "5.29.0",
@@ -25,5 +26,8 @@
        "obsidian": "latest",
        "tslib": "2.4.0",
        "typescript": "4.7.4"
+    },
+    "dependencies": {
+        "dompurify": "^3.1.4"
    }
 }