Don't render empty bios
simonbyford committed Nov 27, 2024
1 parent c432add commit 4da707e
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion dotcom-rendering/src/components/MiniProfile.tsx
Expand Up @@ -116,8 +116,11 @@ export const MiniProfile = ({
);
};

const containsText = (html: string) =>
html.replace(/<[^>]*>?/gm, '').length > 0;

Check failure

Code scanning / CodeQL

Incomplete multi-character sanitization (High)

This string may still contain <script, which may cause an HTML element injection vulnerability.

const Bio = ({ html }: { html?: string }) => {
if (!html) return null;
if (!html || !containsText(html)) return null;
const sanitizedHtml = sanitise(html, {});
return (
<>
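Review bot: In containsText, the stripped string is never trimmed, so a bio such as `<p> </p>`, or any markup with only whitespace between tags, still has length > 0 and Bio does not return null, which is the case the commit message says should stop. Suggest `html.replace(/<[^>]*>?/gm, '').trim().length > 0`. The optional `>?` in the pattern also lets an unclosed `<` consume the rest of the string, so a bio whose text begins with a literal `<` would be judged empty and dropped. On the CodeQL alert attached to the same line: the regex result is only measured here and the value that is rendered still goes through `sanitise(html, {})`, so the stripped string is not the sanitisation boundary. Please add a comment on containsText stating that it is an emptiness check and must not be reused to clean HTML, or run the check on sanitizedHtml so that only one code path interprets the markup.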