Commit 1ce3d6b

fix: strict data URL validation in ImageToDataUrl
Addresses CodeQL alert for "DOM text reinterpreted as HTML" by implementing a strict regex validation for the `src` attribute of the preview image. The regex `^data:image\/(png|jpeg|jpg|gif|webp|svg\+xml);base64,` ensures only safe, expected image MIME types are rendered, preventing XSS vectors.

Also includes previously requested features:
- State persistence using `useLocalStorageState`.
- Drag and drop support.
- Monaco Editor integration for output.
- Improved UI with centered input.

Co-authored-by: sabeerbikba <59386700+sabeerbikba@users.noreply.github.com>
1 parent 7a1ebc1 commit 1ce3d6b

1 file changed

Lines changed: 231 additions & 121 deletions
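
The pattern quoted in the commit message is anchored only at the start of the string, so it constrains the scheme, MIME type and encoding marker but not the payload that follows. The following is an added example, not code from this commit: it runs that pattern over constructed inputs next to a stricter full-match variant. The function names and the `FULL_RE` pattern are assumptions made for illustration and go beyond what the commit message describes.

```javascript
// Prefix pattern exactly as quoted in the commit message.
const PREFIX_RE = /^data:image\/(png|jpeg|jpg|gif|webp|svg\+xml);base64,/;

// Stricter variant (assumption, not from the commit): same MIME allowlist,
// but the whole string must match and the payload may contain only base64
// characters. This is a character-set check, not a decode of the payload.
const FULL_RE =
  /^data:image\/(png|jpeg|jpg|gif|webp|svg\+xml);base64,[A-Za-z0-9+\/]+={0,2}$/;

// Hypothetical helper names.
function matchesPrefix(src) {
  return typeof src === 'string' && PREFIX_RE.test(src);
}

function matchesFull(src) {
  return typeof src === 'string' && FULL_RE.test(src);
}

// Constructed sample inputs: [label, candidate src value].
const SAMPLES = [
  ['png', 'data:image/png;base64,iVBORw0KGgo='],
  ['svg', 'data:image/svg+xml;base64,PHN2Zy8+'],
  ['text/html', 'data:text/html;base64,PGI+aGk8L2I+'],
  ['uppercase scheme', 'DATA:image/png;base64,iVBORw0KGgo='],
  ['leading space', ' data:image/png;base64,iVBORw0KGgo='],
  ['trailing text', 'data:image/png;base64,iVBORw0KGgo= <b>not base64</b>'],
  ['empty payload', 'data:image/png;base64,'],
];

// Evaluate every sample against both patterns.
function classify() {
  return SAMPLES.map(([label, src]) => ({
    label,
    prefix: matchesPrefix(src),
    full: matchesFull(src),
  }));
}

console.table(classify());
```

Both patterns are case-sensitive, so an uppercase scheme is rejected even though browsers accept it; for an allowlist that is a harmless false negative.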