bug : fixed response formatting issue using marked library #102
Conversation
VishalPawar1010
changed the title
|
@shivay-at-pieces Could you please review the PR. Thanks |
| @@ -180,7 +180,7 @@ export function CopilotChat(): React.JSX.Element { | |||
| </div> | |||
| <div className="messages"> | |||
| <div> | |||
| <p>{message}</p> | |||
| <p dangerouslySetInnerHTML={{ __html: marked(message) }}></p> | |||
There was a problem hiding this comment.
Hey @VishalPawar1010 I would recommend to avoid using dangerouslySetInnerHTML in React as it can be risky because it can expose your application to Cross-Site Scripting (XSS) attacks if not handled properly.
Can you Sanitize the HTML output that you render from the marked library. Or you can use remark or rehype libraries
There was a problem hiding this comment.
Sure @shivay-at-pieces , will look into suggested options to ensure regarding Cross-Site Scripting (XSS) attacks
- To sanitise the HTML output that render from the marked library
- Use alternative libraries like remark or rehype
There was a problem hiding this comment.
Hey @shivay-at-pieces ,
I have proposed 2 (solutions) PRs for this issue #62 .
- Updated current PR with addition of sanitization to marked library and removal of
dangerouslySetInnerHTML - Resolved response formatting using ReactMarkdown and rehype library : bug : fixed response formatting using rehype and ReactMarkdown #111
Please let me know for any.
There was a problem hiding this comment.
Similar problem like in the #111 the type definitions are missing. Please add those
There was a problem hiding this comment.
I have added type definitions as required in both PRs. Please have a look and let me know for any.
|
Closing this since we have #111 open |
Description
This PR fixes #62 Copilot Response Formatting Issue