UNPKG

@progress/sitefinity-nextjs-sdk

Version:

Provides OOB widgets developed using the Next.js framework, which includes an abstraction layer for Sitefinity communication. Additionally, it offers an expanded API, typings, and tools for further development and integration.

github.com/Sitefinity/nextjs-sdk

Sitefinity/nextjs-sdk

55 lines (54 loc) 2.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import DOMPurify from 'isomorphic-dompurify'; export class SanitizerService { static instance; constructor() { // force singleton } defaultConfig = { ADD_TAGS: ['iframe', 'sf-input'], ADD_ATTR: ['allow', 'allowfullscreen', 'frameborder', 'scrolling', 'sfref', 'contenteditable', 'target'], ALLOW_ARIA_ATTR: true, ALLOW_DATA_ATTR: true, ALLOW_SELF_CLOSE_IN_ATTR: true }; static getInstance() { if (!SanitizerService.instance) { SanitizerService.instance = new SanitizerService(); DOMPurify.addHook('afterSanitizeAttributes', (node) => { if (node.nodeName.toLowerCase() === 'iframe' && !node.hasAttribute('sandbox')) { node.setAttribute('sandbox', 'allow-scripts allow-same-origin allow-presentation allow-popups'); } }); } return SanitizerService.instance; } sanitizeHtml(input, config = null) { const newConfig = config != null ? this.parseConfig(config) : {}; const finalConfig = Object.assign({}, this.defaultConfig, newConfig); return DOMPurify.sanitize(input || '', finalConfig); } configure(config) { this.defaultConfig = this.parseConfig(config); } parseConfig(config) { return Object.fromEntries(Object.entries({ ADD_ATTR: config.additionalAtributes, ADD_DATA_URI_TAGS: config.additionalDataUriTags, ADD_TAGS: config.additionalTags, ADD_URI_SAFE_ATTR: config.additionalUriSafeAttributes, ALLOW_ARIA_ATTR: config.allowAriaAttributes, ALLOW_DATA_ATTR: config.allowDataAttributes, ALLOW_UNKNOWN_PROTOCOLS: config.allowUnknownProtocols, ALLOW_SELF_CLOSE_IN_ATTR: config.allowSelfcloseInAttributes, ALLOWED_ATTR: config.allowedAttributes, ALLOWED_TAGS: config.allowedTags, ALLOWED_NAMESPACES: config.allowedNamespaces, ALLOWED_URI_REGEXP: config.allowedUriRegex, FORBID_ATTR: config.forbiddenAttributes, FORBID_CONTENTS: config.forbiddenContents, FORBID_TAGS: config.forbiddenTags }).filter(([key, value]) => { return value != null; })); } }