fix: allow-iframe-embeds (#2009)

* allow embedding iframes

* fix alignment issue for buttons
This commit is contained in:
Hayden 2023-01-08 10:50:26 -08:00 committed by GitHub
parent 61ccaded2c
commit ae59f04b9f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 5 deletions

View file

@ -9,7 +9,7 @@
> >
<BaseDialog <BaseDialog
v-model="deleteDialog" v-model="deleteDialog"
:title="$t('recipe.delete-recipe')" :title="$tc('recipe.delete-recipe')"
color="error" color="error"
:icon="$globals.icons.alertCircle" :icon="$globals.icons.alertCircle"
@confirm="emitDelete()" @confirm="emitDelete()"
@ -66,7 +66,7 @@
@print="$emit('print')" @print="$emit('print')"
/> />
</div> </div>
<div v-if="open" class="custom-btn-group mb-"> <div v-if="open" class="custom-btn-group gapped">
<v-btn <v-btn
v-for="(btn, index) in editorButtons" v-for="(btn, index) in editorButtons"
:key="index" :key="index"
@ -211,6 +211,10 @@ export default defineComponent({
display: inline-flex; display: inline-flex;
} }
.gapped {
gap: 0.25rem;
}
.vertical { .vertical {
flex-direction: column !important; flex-direction: column !important;
} }

View file

@ -20,17 +20,19 @@ export default defineComponent({
}, },
setup() { setup() {
function sanitizeMarkdown(rawHtml: string | null | undefined): string { function sanitizeMarkdown(rawHtml: string | null | undefined): string {
console.log(rawHtml)
if (!rawHtml) { if (!rawHtml) {
return ""; return "";
} }
const sanitized = DOMPurify.sanitize(rawHtml, { const sanitized = DOMPurify.sanitize(rawHtml, {
USE_PROFILES: { html: true },
// TODO: some more thought could be put into what is allowed and what isn't // TODO: some more thought could be put into what is allowed and what isn't
ALLOWED_TAGS: ["img", "div", "p"], ALLOWED_TAGS: ["img", "div", "p", "iframe"],
ADD_ATTR: ["src", "alt", "height", "width", "class"], ADD_ATTR: ["src", "alt", "height", "width", "class", "allow", "title", "allowfullscreen", "frameborder", "scrolling"],
}); });
console.log(sanitized)
return sanitized; return sanitized;
} }