From d6ee7bc320eac1f92110962ccc2958a4092e3077 Mon Sep 17 00:00:00 2001
From: Leigh Stillard
Date: Tue, 24 Mar 2026 01:25:26 +0000
Subject: [PATCH] fix(security): simplify attributes merge to prevent future override

The previous Object.fromEntries spread would silently overwrite the custom abbr attribute list if rehype-sanitize adds abbr to its default schema in a future version. Simplify to a direct merge.
---
 src/renderer/utils/markdownPlugins.ts | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/src/renderer/utils/markdownPlugins.ts b/src/renderer/utils/markdownPlugins.ts
index 19ebf4fe..a4089d76 100644
--- a/src/renderer/utils/markdownPlugins.ts
+++ b/src/renderer/utils/markdownPlugins.ts
@@ -36,14 +36,8 @@ const sanitizeSchema: SanitizeSchema = {
 ],
 attributes: {
 ...defaultSchema.attributes,
- // Preserve default global attributes
- '*': [...(defaultSchema.attributes?.['*'] ?? [])],
 // Allow title on abbr (for tooltip definitions)
- abbr: ['title'],
- // Preserve all existing attribute rules
- ...Object.fromEntries(
- Object.entries(defaultSchema.attributes ?? {}).filter(([k]) => k !== '*')
- ),
+ abbr: [...(defaultSchema.attributes?.['abbr'] ?? []), 'title'],
 },
 };
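Review bot: The surviving comment `// Allow title on abbr (for tooltip definitions)` no longer explains that every other rule — including the global `'*'` list the deleted line used to copy explicitly — now comes only from the `...defaultSchema.attributes` spread above it, so the merge order is load-bearing and undocumented; a comment such as `// Start from the full default attribute table (including '*'); only abbr is extended below` on the spread line would carry the intent the removed lines used to state. If a future rehype-sanitize default already lists `'title'` for `abbr`, the new line yields a duplicate entry, which is presumably harmless to the sanitizer but could be avoided with an `includes` check before appending. Since the stated goal is to survive upstream schema changes, a unit test asserting that the merged `attributes['*']` deep-equals `defaultSchema.attributes['*']` and that `attributes.abbr` contains `'title'` would catch a regression that the merge expression alone cannot. The enclosing `sanitizeSchema` object literal starts before the hunk.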