jonny/jonnybarnes.uk
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases 5 Packages Wiki Activity Actions

Switch to Symfony’s HTML Sanitizer package

Browse source
This commit is contained in:
Jonny Barnes 2022-06-02 09:40:34 +01:00
parent e91f3e0d17
commit e98a90fe1e
4 changed files with 212 additions and 88 deletions
Download patch file Download diff file Expand all files Collapse all files

11
app/Providers/AppServiceProvider.php
View file

@ -15,6 +15,8 @@ use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Validation\Constraint\SignedWith;
use Symfony\Component\HtmlSanitizer\HtmlSanitizer;
use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
class AppServiceProvider extends ServiceProvider
{
@ -91,6 +93,15 @@ class AppServiceProvider extends ServiceProvider
return $config;
});
// Configure HtmlSanitizer
$this->app->bind(HtmlSanitizer::class, function () {
return new HtmlSanitizer(
(new HtmlSanitizerConfig())
->allowSafeElements()
->forceAttribute('a', 'rel', 'noopener nofollow')
);
});
}
/**