Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DOMPurify.sanitize is not a function #526

Closed
akashgp09 opened this issue Mar 22, 2021 · 10 comments
Closed

DOMPurify.sanitize is not a function #526

akashgp09 opened this issue Mar 22, 2021 · 10 comments

Comments

@akashgp09
Copy link

Background & Context

I am using DOMPurify in my react App

Bug

DOMPurify.sanitize is not a function

Input

import DOMPurify from "dompurify";

const dirty = `I love to do evil <img src="http://unsplash.it/100/100?random" onload="alert('you got hacked');" />`;

const App = () => (
  <div
    dangerouslySetInnerHTML={{
      __html: DOMPurify.sanitize(dirty)
    }}
  />
);

Given output

DOMpurify.sanitize is not a function

Expected output

Should execute well
@akashgp09 akashgp09 mentioned this issue Mar 22, 2021
Merged
@cure53
Copy link
Owner

cure53 commented Mar 23, 2021

Not our bug, me thinks.

@cure53 cure53 closed this as completed Mar 23, 2021
@binyamin
Copy link

@cure53 same problem here. Do you have any idea who's bug it is?

@binyamin
Copy link

Ah, maybe it needs jsdom? The readme doesn't seem to say that in node.js, you need jsdom to work

@Fensterbank
Copy link

I had this issue with NextJS on server-side rendering.
To make this work server-side and client-side the same way, you can use the wrapper https://github.com/kkomelin/isomorphic-dompurify

@cyocun
Copy link

cyocun commented Feb 18, 2023

I was into the same problem.

the solution is
import * as DOMPurify from 'dompurify';
⭕️ import DOMPurify from 'dompurify';

@duoluodexiaoxiaoyuan
Copy link

duoluodexiaoxiaoyuan commented Feb 21, 2023
edited
Loading

Background & Context

I am using DOMPurify in my react App

Bug

DOMPurify.sanitize is not a function

Input

import DOMPurify from "dompurify";

const dirty = `I love to do evil <img src="http://unsplash.it/100/100?random" onload="alert('you got hacked');" />`;

const App = () => (
  <div
    dangerouslySetInnerHTML={{
      __html: DOMPurify.sanitize(dirty)
    }}
  />
);

Given output

DOMpurify.sanitize is not a function

Expected output

Should execute well

i find a answer, this is a demo https://codesandbox.io/s/ei98d?file=/src/App.tsx

Repository owner deleted a comment from s1nistr4 Sep 7, 2023
@ahonestla ahonestla mentioned this issue Jan 18, 2024
Closed
@bonface221
Copy link

🤔

@mtoha2013
Copy link

I have similar issue, how to achieve this at pure javascript no framework like react?
I run it on .NET MVC app

@ONLY-yours ONLY-yours mentioned this issue Apr 11, 2024
Merged
7 tasks
@Bunpasi
Copy link

Bunpasi commented May 3, 2024

I had the same problem. Check DOMPurify.isSupported. For me it wasn't supported, because my application didn't have a global window object.

@MortenHofft
Copy link
Contributor

What threw me off is this example from the docs

import * as DOMPurify from 'dompurify';
const clean = DOMPurify.sanitize('<b>hello there</b>');

which doesn't work, but this does

import DOMPurify from 'dompurify';
const clean = DOMPurify.sanitize('<b>hello there</b>');

MortenHofft added a commit to MortenHofft/DOMPurify that referenced this issue May 15, 2024
@MortenHofft
documentation
952f309 
cure53#526 (comment)
@MortenHofft MortenHofft mentioned this issue May 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@cyocun @Fensterbank @cure53 @MortenHofft @mtoha2013 @binyamin @akashgp09 @Bunpasi @duoluodexiaoxiaoyuan @bonface221