keycloakify icon indicating copy to clipboard operation
keycloakify copied to clipboard
verified publisher icon keycloakify

Html tags in in the message and the messagePerField fields [keycloakify 10]

Open GusevDV opened this issue 1 year ago • 1 comments

Hello! First of all, I would like to thank you for this library. I enjoy working with Keycloakify.

I migrated to Keycloak 25, which required me to upgrade to the release candidate 10.0.0-rc.100.
In the new version, I have noticed that message.summary and messagesPerFields contain HTML tags.

I don't know it is a expected behavior or it is a bug.

Currently, I am sanitizing the HTML, but I am not sure if this is the correct approach.

import DOMPurify from 'dompurify';

export const getCleanString = (input: string) => {
  return DOMPurify.sanitize(input, { ALLOWED_TAGS: [], ALLOWED_ATTR: [] });
};

This is an example. Screenshot at Jul 03 09-23-40

https://github.com/keycloakify/keycloakify/pull/538

GusevDV avatar Jul 03 '24 07:07 GusevDV

Hello @GusevDV,

Glad you're having a good experiece!

Good catch, it's my bad, I'll address this

garronej avatar Jul 03 '24 08:07 garronej

Sorry for the delay, here are the changes: https://github.com/keycloakify/keycloakify/commit/7c257d97a741c36f1ace4f48caccfee8944c4d0b

garronej avatar Jul 04 '24 18:07 garronej

Thank you very much for a quick solution!

GusevDV avatar Jul 05 '24 06:07 GusevDV