From f5fa03f4728e483949f6360093bc3ea1ef555535 Mon Sep 17 00:00:00 2001 From: Timothy Carambat Date: Wed, 15 Apr 2026 10:37:56 -0700 Subject: [PATCH] Merge commit from fork --- .../ChatContainer/ChatHistory/Chartable/index.jsx | 5 +++-- frontend/src/utils/chat/markdown.js | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/frontend/src/components/WorkspaceChat/ChatContainer/ChatHistory/Chartable/index.jsx b/frontend/src/components/WorkspaceChat/ChatContainer/ChatHistory/Chartable/index.jsx index aab732c9..6fad5833 100644 --- a/frontend/src/components/WorkspaceChat/ChatContainer/ChatHistory/Chartable/index.jsx +++ b/frontend/src/components/WorkspaceChat/ChatContainer/ChatHistory/Chartable/index.jsx @@ -31,6 +31,7 @@ import CustomCell from "./CustomCell.jsx"; import Tooltip from "./CustomTooltip.jsx"; import { safeJsonParse } from "@/utils/request.js"; import renderMarkdown from "@/utils/chat/markdown.js"; +import DOMPurify from "dompurify"; import { memo, useCallback, useState } from "react"; import { saveAs } from "file-saver"; import { useGenerateImage } from "recharts-to-png"; @@ -394,7 +395,7 @@ export function Chartable({ props }) { @@ -413,7 +414,7 @@ export function Chartable({ props }) { diff --git a/frontend/src/utils/chat/markdown.js b/frontend/src/utils/chat/markdown.js index f7affa18..f6748c80 100644 --- a/frontend/src/utils/chat/markdown.js +++ b/frontend/src/utils/chat/markdown.js @@ -63,7 +63,7 @@ markdown.renderer.rules.strong_close = () => ""; markdown.renderer.rules.link_open = (tokens, idx) => { const token = tokens[idx]; const href = token.attrs.find((attr) => attr[0] === "href"); - return ``; + return ``; }; // Custom renderer for responsive images rendered in markdown @@ -73,7 +73,7 @@ markdown.renderer.rules.image = function (tokens, idx) { const src = token.attrs[srcIndex][1]; const alt = token.content || ""; - return `
${alt}
`; + return `
${HTMLEncode(alt)}
`; }; markdown.use(markdownItKatexPlugin);