Fix DOMPurify paths.

Thanks to xet7 !
2025-12-16 07:20:12 +01:00 · 2025-10-11 00:49:43 +03:00 · 2025-10-11 00:49:43 +03:00 · 90899f0928
commit 90899f0928
parent 573d4bf2cb
9 changed files with 12 additions and 12 deletions
--- a/client/components/activities/activities.js
+++ b/client/components/activities/activities.js
@ -1,6 +1,6 @@
 import { ReactiveCache } from '/imports/reactiveCache';
 import DOMPurify from 'dompurify';
-import { sanitizeHTML, sanitizeText } from '/client/lib/secureDOMPurify';
+import { sanitizeHTML, sanitizeText } from '../../lib/secureDOMPurify';
 import { TAPi18n } from '/imports/i18n';

 const activitiesPerPage = 500;
--- a/client/components/cards/attachments.js
+++ b/client/components/cards/attachments.js
@ -1,8 +1,8 @@
 import { ReactiveCache } from '/imports/reactiveCache';
 import { ObjectID } from 'bson';
 import DOMPurify from 'dompurify';
-import { sanitizeHTML, sanitizeText } from '/client/lib/secureDOMPurify';
-import uploadProgressManager from '/client/lib/uploadProgressManager';
+import { sanitizeHTML, sanitizeText } from '../../lib/secureDOMPurify';
+import uploadProgressManager from '../../lib/uploadProgressManager';

 const filesize = require('filesize');
 const prettyMilliseconds = require('pretty-ms');
--- a/client/components/cards/cardDetails.js
+++ b/client/components/cards/cardDetails.js
@ -13,7 +13,7 @@ import { ALLOWED_COLORS } from '/config/const';
 import { UserAvatar } from '../users/userAvatar';
 import { DialogWithBoardSwimlaneList } from '/client/lib/dialogWithBoardSwimlaneList';
 import { handleFileUpload } from './attachments';
-import uploadProgressManager from '/client/lib/uploadProgressManager';
+import uploadProgressManager from '../../lib/uploadProgressManager';

 const subManager = new SubsManager();
 const { calculateIndexData } = Utils;
--- a/client/components/cards/minicard.js
+++ b/client/components/cards/minicard.js
@ -2,7 +2,7 @@ import { ReactiveCache } from '/imports/reactiveCache';
 import { TAPi18n } from '/imports/i18n';
 import { CustomFieldStringTemplate } from '/client/lib/customFields';
 import { handleFileUpload } from './attachments';
-import uploadProgressManager from '/client/lib/uploadProgressManager';
+import uploadProgressManager from '../../lib/uploadProgressManager';

 // Template.cards.events({
 //   'click .member': Popup.open('cardMember')
--- a/client/components/main/editor.js
+++ b/client/components/main/editor.js
@ -325,7 +325,7 @@ BlazeComponent.extendComponent({
 }).register('editor');

 import DOMPurify from 'dompurify';
-import { sanitizeHTML } from '/client/lib/secureDOMPurify';
+import { sanitizeHTML } from '../lib/secureDOMPurify';

 // Additional  safeAttrValue function to allow for other specific protocols
 // See https://github.com/leizongmin/js-xss/issues/52#issuecomment-241354114
--- a/models/cardComments.js
+++ b/models/cardComments.js
@ -1,7 +1,7 @@
 import { ReactiveCache } from '/imports/reactiveCache';
 import escapeForRegex from 'escape-string-regexp';
 import DOMPurify from 'dompurify';
-import { sanitizeText } from '/client/lib/secureDOMPurify';
+import { sanitizeText } from '../client/lib/secureDOMPurify';

 CardComments = new Mongo.Collection('card_comments');

--- a/models/cards.js
+++ b/models/cards.js
@ -1759,7 +1759,7 @@ Cards.helpers({
    // Sanitize title on client side as well
    let sanitizedTitle = title;
    if (typeof title === 'string') {
-      const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+      const { sanitizeTitle } = require('../server/lib/inputSanitizer');
      sanitizedTitle = sanitizeTitle(title);
      if (process.env.DEBUG === 'true' && sanitizedTitle !== title) {
        console.warn('Client-side sanitized card title:', title, '->', sanitizedTitle);
@ -3575,7 +3575,7 @@ JsonRoutes.add('GET', '/api/boards/:boardId/cards_count', function(
      Authentication.checkBoardAccess(req.userId, paramBoardId);

      if (req.body.title) {
-        const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+        const { sanitizeTitle } = require('../server/lib/inputSanitizer');
        const newTitle = sanitizeTitle(req.body.title);

        if (process.env.DEBUG === 'true' && newTitle !== req.body.title) {
--- a/models/lists.js
+++ b/models/lists.js
@ -315,7 +315,7 @@ Lists.mutations({
  rename(title) {
    // Sanitize title on client side as well
    if (typeof title === 'string') {
-      const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+      const { sanitizeTitle } = require('../server/lib/inputSanitizer');
      const sanitizedTitle = sanitizeTitle(title);
      if (process.env.DEBUG === 'true' && sanitizedTitle !== title) {
        console.warn('Client-side sanitized list title:', title, '->', sanitizedTitle);
@ -653,7 +653,7 @@ if (Meteor.isServer) {

      // Update title if provided
      if (req.body.title) {
-        const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+        const { sanitizeTitle } = require('../server/lib/inputSanitizer');
        const newTitle = sanitizeTitle(req.body.title);

        if (process.env.DEBUG === 'true' && newTitle !== req.body.title) {
--- a/packages/markdown/src/template-integration.js
+++ b/packages/markdown/src/template-integration.js
@ -1,5 +1,5 @@
 import DOMPurify from 'dompurify';
-import { getSecureDOMPurifyConfig } from '/client/lib/secureDOMPurify';
+import { getSecureDOMPurifyConfig } from '../../../client/lib/secureDOMPurify';

 var Markdown = require('markdown-it')({
  html: true,