@radya/nuxt-dompurify
Version:
A Nuxt 3 module that integrates DOMPurify for sanitizing HTML content and protecting against XSS attacks, with support for multiple profiles.
33 lines (32 loc) • 942 B
JavaScript
import DOMPurify from "dompurify";
import { defineNuxtPlugin } from "#app";
import { useRuntimeConfig } from "#imports";
export default defineNuxtPlugin(async ({ vueApp }) => {
const { public: { dompurify } } = useRuntimeConfig();
let purify;
if (import.meta.server) {
const { JSDOM } = await import("jsdom");
purify = DOMPurify(new JSDOM("").window);
} else {
purify = DOMPurify(window);
}
function sanitizeHtml(binding) {
if (binding.arg && dompurify?.profiles?.[binding.arg]) {
return purify.sanitize(binding.value, dompurify.profiles[binding.arg]);
}
return purify.sanitize(binding.value);
}
vueApp.directive("sanitize-html", {
created(el, binding) {
el.innerHTML = sanitizeHtml(binding);
},
updated(el, binding) {
el.innerHTML = sanitizeHtml(binding);
},
getSSRProps(binding) {
return {
innerHTML: sanitizeHtml(binding)
};
}
});
});