Skip to content

Commit 486673f

Browse files
cure53cure53
authoredJan 5, 2024
Merge pull request #898 from cpmotion/issue-897
fix: Avoid TypeError for null values on CUSTOM_ELEMENT_HANDLING config.
·
3.2.43.0.8
2 parents 771eb82 + 38e4dc3 commit 486673f

10 files changed

+28
-9
lines changed
 

‎dist/purify.cjs.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎dist/purify.cjs.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎dist/purify.es.mjs

+1-1
Original file line numberDiff line numberDiff line change
@@ -139,7 +139,7 @@ function clone(object) {
139139
if (getOwnPropertyDescriptor(object, property) !== undefined) {
140140
if (Array.isArray(value)) {
141141
newObject[property] = cleanArray(value);
142-
} else if (typeof value === 'object' && value.constructor === Object) {
142+
} else if (value && typeof value === 'object' && value.constructor === Object) {
143143
newObject[property] = clone(value);
144144
} else {
145145
newObject[property] = value;

‎dist/purify.es.mjs.map

+1-1
Large diffs are not rendered by default.

‎dist/purify.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎dist/purify.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎dist/purify.min.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎dist/purify.min.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎src/utils.js

+5-1
Original file line numberDiff line numberDiff line change
@@ -136,7 +136,11 @@ function clone(object) {
136136
if (getOwnPropertyDescriptor(object, property) !== undefined) {
137137
if (Array.isArray(value)) {
138138
newObject[property] = cleanArray(value);
139-
} else if (typeof value === 'object' && value.constructor === Object) {
139+
} else if (
140+
value &&
141+
typeof value === 'object' &&
142+
value.constructor === Object
143+
) {
140144
newObject[property] = clone(value);
141145
} else {
142146
newObject[property] = value;

‎test/test-suite.js

+15
Original file line numberDiff line numberDiff line change
@@ -804,6 +804,21 @@
804804
);
805805
}
806806
);
807+
QUnit.test(
808+
'CUSTOM_ELEMENT_HANDLING config values of null do not throw a TypeError.',
809+
function (assert) {
810+
DOMPurify.sanitize('', {
811+
CUSTOM_ELEMENT_HANDLING: {
812+
tagNameCheck: null,
813+
attributeNameCheck: null,
814+
allowCustomizedBuiltInElements: null,
815+
},
816+
});
817+
818+
// Don't see a great way to assert NOT throws...
819+
assert.ok(true);
820+
}
821+
);
807822
QUnit.test('Test dirty being an array', function (assert) {
808823
assert.equal(
809824
DOMPurify.sanitize(['<a>123<b>456</b></a>']),

0 commit comments

Comments
 (0)
Please sign in to comment.