Skip to content

Latest commit

 

History

History
22 lines (22 loc) · 1.15 KB

2021-05-19-sanitize-html-content-of-fields-and-cms-text-elements.md

File metadata and controls

22 lines (22 loc) · 1.15 KB
Raw
title issue author author_email author_github
Sanitize HTML contents of fields and CMS text elements
NEXT-15172
d.neustadt
d.neustadt@shopware.com
dneustadt

Core

  • Changed dependency of ezyang/htmlpurifier from Storefront to Core
  • Added HtmlSanitizer service to framework utils
  • Changed former htmlPurifier config from Storefront to Core as shopware.html_sanitizer
  • Added $sanitize constructor parameter to AllowHtml field flag to specify whether html content should be sanitized as per HtmlSanitizer
  • Changed hanlding of text CMS element contents in TextCmsElementResolver to sanitize HTML

Administration

  • Added sanitizeInput and sanitizeFieldname property to SwTextEditor and SwCodeEditor component
  • Added userInputSanitizeService with sanitizeInput({ html, field }) method to receive a preview of backend sanitization
  • Changed SwCodeEditor onBlur() behavior to use userInputSanitizeService if sanitizeInput property is set
  • Added sanitizeEditorInput(value) function to SwCodeEditor for previewing sanitized content to the user

Storefront

  • Changed SwSanitizeTwigFilter to use HtmlSanitizer