Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: skip dom purify for trusted content #393

Merged
merged 3 commits into from
Oct 24, 2024
Merged

Feat: skip dom purify for trusted content #393

merged 3 commits into from
Oct 24, 2024

Conversation

yue4u
Copy link
Contributor

@yue4u yue4u commented Sep 25, 2023
edited
Loading

やったこと

  • Since style and known icons are fully controlled by us, it should be safe to skip dom purify in these cases.
  • Lazy import and keep sanitizing custom icons so this should not be a breaking change.

動作確認環境

チェックリスト

不要なチェック項目は消して構いません

  • README やドキュメントに影響があることを確認した

yue4u
yue4u commented Sep 25, 2023
View reviewed changes
packages/icons/src/PixivIcon.ts
if (iconResult.trusted) {
this.svgContent = iconResult.svgContent
} else {
const { default: DOMPurify } = await import('dompurify')
Copy link
Contributor Author

@yue4u yue4u Sep 25, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dom-purify is still pretty large so we can do following in the future.

  1. let users do sanitizing themselves
  2. leveraging https://developer.mozilla.org/en-US/docs/Web/API/HTML_Sanitizer_API

fsubal
fsubal reviewed Oct 5, 2023
View reviewed changes
packages/icons/src/PixivIcon.ts
}
if (Number.isNaN(size)) {
throw new TypeError(`icon size must not be NaN`)
}
Copy link
Member

@fsubal fsubal Oct 5, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[IMO] 実は Number.isFinite() だけで良かったりしませんか?

    if (!Number.isFinite(size)) {
      throw new TypeError('icon size must be a finite number')
    }

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1/0Infinityを考えると確かにisFiniteが良さそうです。実際はかなりのedge caseですね

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

37c2245

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

すみません意図としては typeofnumber であるかの判定も isFinite() だけで行けるんじゃないですか、みたいなことでした(これでも良いですが)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

4eb112c 消しました。元々エラー少しわかりやすくなるかもしれないという意図で入れていたが処理的には確か不要そうです

@naporin0624 naporin0624 changed the base branch from main to v4.0.0 October 16, 2024 07:23
@yue4u yue4u mentioned this pull request Oct 24, 2024
Merged
4 tasks
@yue4u yue4u merged commit 42cca0b into pixiv:v4.0.0 Oct 24, 2024
12 of 13 checks passed
@yue4u yue4u deleted the feat/skip-dom-purify-for-trusted-content branch October 24, 2024 01:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fsubal fsubal fsubal left review comments

@mimokmt mimokmt mimokmt approved these changes

Assignees
No one assigned
Labels
major
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@yue4u @fsubal @mimokmt @naporin0624