Skip to content

Commit 7256d75

Browse files
cyfung1031cyfung1031
authored
fix #1274 (#1275)
* fix #1274 * Update index.ts * Array.includes -> Set.has
1 parent 1b70fce commit 7256d75

3 files changed

Lines changed: 7 additions & 5 deletions

File tree

src/app/service/service_worker/index.ts

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,6 @@ import { FaviconDAO } from "@App/app/repo/favicon";
2121
import { onRegularUpdateCheckAlarm } from "./regular_updatecheck";
2222
import { cacheInstance } from "@App/app/cache";
2323
import { InfoNotification } from "./utils";
24-
import { sanitizeHTML } from "@App/pkg/utils/sanitize";
2524

2625
// service worker的管理器
2726
export default class ServiceWorkerManager {
@@ -116,7 +115,7 @@ export default class ServiceWorkerManager {
116115
.then((resp: { data: { [key: string]: any; notice: string; version: string } }) => {
117116
const data = resp.data;
118117
systemConfig
119-
.getCheckUpdate({ sanitizeHTML })
118+
.getCheckUpdate()
120119
.then((items) => {
121120
const isRead = items.notice !== data.notice ? false : items.isRead;
122121
systemConfig.setCheckUpdate({ ...data, isRead: isRead });

src/pages/popup/App.tsx

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -271,9 +271,12 @@ function App() {
271271
const checkScriptEnableAndUpdate = async () => {
272272
const [isEnableScript, checkUpdate] = await Promise.all([
273273
systemConfig.getEnableScript(),
274-
systemConfig.getCheckUpdate({ sanitizeHTML }),
274+
systemConfig.getCheckUpdate(),
275275
]);
276276
if (!hookMgr.isMounted) return;
277+
if (typeof checkUpdate.notice === "string") {
278+
checkUpdate.notice = sanitizeHTML(checkUpdate.notice);
279+
}
277280
setIsEnableScript(isEnableScript);
278281
setCheckUpdate(checkUpdate);
279282
};

src/pkg/utils/sanitize.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
import DOMPurify from "dompurify";
22

33
// 允许的安全 CSS 属性白名单
4-
const ALLOWED_CSS_PROPERTIES = ["color", "font-size", "font-weight", "font-style"];
4+
const ALLOWED_CSS_PROPERTIES = new Set(["color", "font-size", "font-weight", "font-style"]);
55

66
// 过滤不安全的 CSS 属性,只保留白名单中的属性
77
DOMPurify.addHook("afterSanitizeAttributes", (node) => {
88
if (node instanceof HTMLElement && node.hasAttribute("style")) {
99
const { style } = node;
1010
for (let i = style.length - 1; i >= 0; i--) {
11-
if (!ALLOWED_CSS_PROPERTIES.includes(style[i])) {
11+
if (!ALLOWED_CSS_PROPERTIES.has(style[i])) {
1212
style.removeProperty(style[i]);
1313
}
1414
}

0 commit comments

Comments
 (0)