fix(security): harden input validation schemas and fix SSR sanitize bypass

- blueprint rolePresets: cap array at 100 items to prevent storage abuse - notification CreateManagedNotification: add .max() on title (500), body (2000), type (100), entityType/entityId (200), link (1000), taskAction (200) - settings: add .max() on all string config fields; add regex allowlist (/^[a-zA-Z0-9._-]+$/) on model name fields (geminiModel, azureDalleDeployment, azureOpenAiDeployment) to prevent path manipulation - sanitizeHtml: fix SSR bypass — server-side branch now strips HTML tags instead of returning the raw string unchanged Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 21:38:16 +02:00
parent df191d1e03
commit 1833182e90
4 changed files with 25 additions and 22 deletions
@@ -6,6 +6,9 @@ import DOMPurify from "dompurify";
 * SSR-safe: returns the input unchanged on the server.
 */
 export function sanitizeHtml(dirty: string): string {
-  if (typeof window === "undefined") return dirty;
+  if (typeof window === "undefined") {
+    // Server-side: strip all HTML tags as a safe fallback
+    return dirty.replace(/<[^>]*>/g, "");
+  }
  return DOMPurify.sanitize(dirty, { ALLOWED_TAGS: [], ALLOWED_ATTR: [] });
 }