Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trust HTML for rich text clipboard #6755

Merged
merged 1 commit into from
Oct 22, 2024
Merged

Trust HTML for rich text clipboard #6755

merged 1 commit into from
Oct 22, 2024

Conversation

zurfyx
Copy link
Member

@zurfyx zurfyx commented Oct 22, 2024

Modern sites enforce trusted HTML. DOMParse.parseFromString will fail because the clipboard is not a trusted type. Given that we already post-process the HTML instead of blindly exposing it to the DOM I think it's safe to trust it here.

@vercel Vercel
Copy link

vercel bot commented Oct 22, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
lexical ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 22, 2024 10:55pm
lexical-playground ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 22, 2024 10:55pm

@facebook-github-bot facebook-github-bot added the CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. label Oct 22, 2024
@github-actions GitHub Actions
Copy link

size-limit report 📦

Path Size
lexical - cjs 29.94 KB (0%)
lexical - esm 29.78 KB (0%)
@lexical/rich-text - cjs 38.53 KB (0%)
@lexical/rich-text - esm 31.6 KB (0%)
@lexical/plain-text - cjs 37.14 KB (0%)
@lexical/plain-text - esm 29 KB (0%)
@lexical/react - cjs 40.34 KB (0%)
@lexical/react - esm 33 KB (0%)

fantactuka
fantactuka approved these changes Oct 22, 2024
View reviewed changes
Copy link
Contributor

@fantactuka fantactuka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀

@zurfyx zurfyx added this pull request to the merge queue Oct 22, 2024
Merged via the queue into main with commit 409c65e Oct 22, 2024
44 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fantactuka fantactuka fantactuka approved these changes

@etrepum etrepum etrepum approved these changes

@acywatson acywatson Awaiting requested review from acywatson acywatson is a code owner

@Fetz Fetz Awaiting requested review from Fetz Fetz is a code owner

@ivailop7 ivailop7 Awaiting requested review from ivailop7 ivailop7 is a code owner

@Sahejkm Sahejkm Awaiting requested review from Sahejkm Sahejkm is a code owner

@potatowagon potatowagon Awaiting requested review from potatowagon potatowagon is a code owner

Assignees
No one assigned
Labels
CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@zurfyx @etrepum @fantactuka @facebook-github-bot