Skip to content

updated UI #126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
amannan21 wants to merge 8 commits into
base: main
Choose a base branch
from
Open

updated UI #126

amannan21 wants to merge 8 commits into from

Conversation

@amannan21
Copy link
Contributor

@amannan21 amannan21 commented May 2, 2025

No description provided.

@netlify
Copy link

netlify bot commented May 2, 2025
edited
Loading

Deploy Preview for alloradocs ready!

Name Link
🔨 Latest commit f82e173
🔍 Latest deploy log https://app.netlify.com/projects/alloradocs/deploys/6838c01ae50bf400085f5fda
😎 Deploy Preview https://deploy-preview-126--alloradocs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

github-advanced-security[bot]
github-advanced-security bot found potential problems May 29, 2025
View reviewed changes
components/chatbutton1.js
return (
<div
className="markdown-content"
dangerouslySetInnerHTML={{ __html: renderMarkdown(content) }}

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text
Loading
is reinterpreted as HTML without escaping meta-characters.

Copilot Autofix

AI 8 months ago

To fix the issue, the input to renderMarkdown must be sanitized to remove any potentially malicious content before it is processed and injected into the DOM. This can be achieved by using a library like DOMPurify to sanitize the HTML output generated by renderMarkdown.

Steps to implement the fix:

  1. Install the dompurify library to sanitize HTML content.
  2. Import DOMPurify into the file.
  3. Use DOMPurify.sanitize to clean the HTML output from renderMarkdown before passing it to dangerouslySetInnerHTML.
Suggested changeset 2
components/chatbutton1.js

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/components/chatbutton1.js b/components/chatbutton1.js
--- a/components/chatbutton1.js
+++ b/components/chatbutton1.js
@@ -1,2 +1,3 @@
 import React, { useState, useRef, useEffect } from "react";
+import DOMPurify from "dompurify";
 
@@ -34,2 +35,4 @@
 
+  const sanitizedHtml = DOMPurify.sanitize(renderMarkdown(content));
+
   return (
@@ -37,3 +40,3 @@
       className="markdown-content"
-      dangerouslySetInnerHTML={{ __html: renderMarkdown(content) }}
+      dangerouslySetInnerHTML={{ __html: sanitizedHtml }}
     />
EOF
@@ -1,2 +1,3 @@
import React, { useState, useRef, useEffect } from "react";
import DOMPurify from "dompurify";

@@ -34,2 +35,4 @@

const sanitizedHtml = DOMPurify.sanitize(renderMarkdown(content));

return (
@@ -37,3 +40,3 @@
className="markdown-content"
dangerouslySetInnerHTML={{ __html: renderMarkdown(content) }}
dangerouslySetInnerHTML={{ __html: sanitizedHtml }}
/>
package.json
Outside changed files

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/package.json b/package.json
--- a/package.json
+++ b/package.json
@@ -8,3 +8,4 @@
     "react-dom": "^18.3.1",
-    "react-katex": "^3.0.1"
+    "react-katex": "^3.0.1",
+    "dompurify": "^3.2.6"
   },
EOF
@@ -8,3 +8,4 @@
"react-dom": "^18.3.1",
"react-katex": "^3.0.1"
"react-katex": "^3.0.1",
"dompurify": "^3.2.6"
},
This fix introduces these dependencies
Package Version Security advisories
dompurify (npm) 3.2.6 None
Copilot is powered by AI and may make mistakes. Always verify output.
amannan21 added 3 commits May 28, 2025 23:48
@amannan21
Update chatbutton1.js
e0ff5a0 
Signed-off-by: AJ Mannan <amannan@usc.edu>
@amannan21
Update chatbutton1.js
95df308 
Signed-off-by: AJ Mannan <amannan@usc.edu>
@amannan21
Update chatbutton1.js
f82e173 
Signed-off-by: AJ Mannan <amannan@usc.edu>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@amannan21