diff --git a/CHANGELOG.md b/CHANGELOG.md index 531036d5a..cc51e3ff1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,33 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). +## 1.11.2 - 2022-01-10 +[FIX] IME not working properly #674 + +## 1.11.1 - 2021-12-30 +[FIX] Hide Livechat if Omnichannel is disabled #671 + +## 1.11.0 - 2021-12-09 +[NEW] Introduce clearLocalStorageWhenChatEnded setting logic (#666) +[IMPROVE] Change logic to generate token on Live Chat (#667) + +## 1.10.0 - 2021-11-22 +[NEW] Audio and Video calling in Livechat using WebRTC (#646) +[FIX] LoadConfig after registering guest (#640) +[FIX] Body styles getting overridden (#660) + +## 1.9.6 - 2021-10-20 +[FIX] 'Hide agent info' not working on system message (#651) +[FIX] Issues on Custom Livechat messages (#648) + +## 1.9.5 - 2021-09-14 +[IMPROVE] Readme enhancements (#557) +[IMPROVE] Swedish Translations (#573) +[FIX] Escaping HTML on paste/drop Text (#471) +[IMPROVE] Spanish translations (#370) +[IMPROVE] Russian translations (#644) +[IMPROVE] Add cookie to identify widget calls (#645) + ## 1.9.4 - 2021-08-19 [FIX] Iframe overlay (#631) [IMPROVE] German informal translation (#622) diff --git a/package.json b/package.json index b4d6234f5..279aac959 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@rocket.chat/livechat", - "version": "1.9.4", + "version": "1.11.2", "files": [ "/build" ], @@ -91,7 +91,6 @@ "css-vars-ponyfill": "^2.3.2", "date-fns": "^2.15.0", "desvg": "^1.0.2", - "dompurify": "^2.2.6", "emoji-mart": "^3.0.0", "history": "^5.0.0", "i18nline": "^2.0.1", diff --git a/src/components/Composer/index.js b/src/components/Composer/index.js index 7908d72db..39c1ae3ce 100644 --- a/src/components/Composer/index.js +++ b/src/components/Composer/index.js @@ -1,6 +1,6 @@ import { h, Component } from 'preact'; -import { createClassName } from '../helpers'; +import { createClassName, parse } from '../helpers'; import styles from './styles.scss'; const findLastTextNode = (node) => { @@ -75,7 +75,8 @@ export class Composer extends Component { items.filter((item) => item.kind === 'string' && /^text\/plain/.test(item.type)) .map((item) => new Promise((resolve) => item.getAsString(resolve))), ); - texts.forEach((text) => this.pasteText(text)); + + texts.forEach((text) => this.pasteText(parse(text))); } handleDrop = (onUpload) => async (event) => { @@ -98,7 +99,7 @@ export class Composer extends Component { items.filter((item) => item.kind === 'string' && /^text\/plain/.test(item.type)) .map((item) => new Promise((resolve) => item.getAsString(resolve))), ); - texts.forEach((text) => this.pasteText(text)); + texts.forEach((text) => this.pasteText(parse(text))); } handleClick = () => { diff --git a/src/components/Messages/MessageText/markdown.js b/src/components/Messages/MessageText/markdown.js index ca1c4d6bf..f5b6ee69d 100644 --- a/src/components/Messages/MessageText/markdown.js +++ b/src/components/Messages/MessageText/markdown.js @@ -1,4 +1,3 @@ -import { sanitize } from 'dompurify'; import MarkdownIt from 'markdown-it'; @@ -81,4 +80,4 @@ md.use((md) => { }); }); -export const renderMarkdown = (...args) => sanitize(md.render(...args), { ADD_ATTR: ['target', 'rel'] }); +export const renderMarkdown = (...args) => md.render(...args); diff --git a/src/components/helpers.js b/src/components/helpers.js index 66b1bdd24..7045488c7 100644 --- a/src/components/helpers.js +++ b/src/components/helpers.js @@ -1,4 +1,5 @@ import parseISO from 'date-fns/parseISO'; +import mem from 'mem'; import { Component } from 'preact'; import { Livechat, useSsl } from '../api'; @@ -262,3 +263,23 @@ export const resolveDate = (dateInput) => { } } }; + +const escapeMap = { + '&': '&', + '<': '<', + '>': '>', + '"': '"', + '\'': ''', + '`': '`', +}; + +const escapeRegex = new RegExp(`(?:${ Object.keys(escapeMap).join('|') })`, 'g'); + +const escapeHtml = mem( + (string) => string.replace(escapeRegex, (match) => escapeMap[match]), +); + +export const parse = (plainText) => + [{ plain: plainText }] + .map(({ plain, html }) => (plain ? escapeHtml(plain) : html || '')) + .join(''); diff --git a/src/routes/Chat/container.js b/src/routes/Chat/container.js index 9c0fd9f7c..ea2228b01 100644 --- a/src/routes/Chat/container.js +++ b/src/routes/Chat/container.js @@ -1,11 +1,9 @@ -import { sanitize } from 'dompurify'; -import mem from 'mem'; import { h, Component } from 'preact'; import { route } from 'preact-router'; import { Livechat } from '../../api'; import { ModalManager } from '../../components/Modal'; -import { debounce, getAvatarUrl, canRenderMessage, throttle, upsert } from '../../components/helpers'; +import { debounce, getAvatarUrl, canRenderMessage, throttle, upsert, parse } from '../../components/helpers'; import I18n from '../../i18n'; import { normalizeQueueAlert } from '../../lib/api'; import constants from '../../lib/constants'; @@ -115,30 +113,10 @@ export class ChatContainer extends Component { } handleSubmit = async (msg) => { - const escapeMap = { - '&': '&', - '<': '<', - '>': '>', - '"': '"', - '\'': ''', - '`': '`', - }; - - const escapeRegex = new RegExp(`(?:${ Object.keys(escapeMap).join('|') })`, 'g'); - - const escapeHtml = mem( - (string) => string.replace(escapeRegex, (match) => escapeMap[match]), - ); - - const parse = (plainText) => - [{ plain: plainText }] - .map(({ plain, html }) => (plain ? escapeHtml(plain) : html || '')) - .join(''); - if (msg.trim() === '') { return; } - msg = sanitize(msg); + msg = parse(msg); await this.grantUser(); diff --git a/yarn.lock b/yarn.lock index 1fa350cf1..c4c0c28d8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5689,11 +5689,6 @@ domhandler@^2.3.0: dependencies: domelementtype "1" -dompurify@^2.2.6: - version "2.2.6" - resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.2.6.tgz#54945dc5c0b45ce5ae228705777e8e59d7b2edc4" - integrity sha512-7b7ZArhhH0SP6W2R9cqK6RjaU82FZ2UPM7RO8qN1b1wyvC/NY1FNWcX1Pu00fFOAnzEORtwXe4bPaClg6pUybQ== - domutils@1.5.1: version "1.5.1" resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.5.1.tgz#dcd8488a26f563d61079e48c9f7b7e32373682cf"