Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: No CSP trusted-types support #5650

Open
1 task done
MathiasWP opened this issue Sep 24, 2024 · 1 comment
Open
1 task done

[Bug]: No CSP trusted-types support #5650

MathiasWP opened this issue Sep 24, 2024 · 1 comment
Labels
Category: Open Source The issue or pull reuqest is related to the open source packages of Tiptap. Type: Bug The issue or pullrequest is related to a bug

Comments

@MathiasWP
Copy link

Affected Packages

core

Version(s)

2.7.2

Bug Description

Setting required-trusted-types-for to script and then trying to specify the trusted-types does not work with tiptap.

The error thrown is:

dom.js:7 
       Uncaught (in promise) TypeError: Failed to execute 'parseFromString' on 'DOMParser': This document requires 'TrustedHTML' assignment.
    at elementFromString (dom.js:7:35)
    at MarkdownParser2.parse (MarkdownParser.js:31:29)
    at Object.onBeforeCreate (Markdown.js:51:75)
    at EventEmitter.ts:29:46
    at Array.forEach (<anonymous>)
    at Editor.emit (EventEmitter.ts:29:17)
    at new Editor (Editor.ts:104:10)

And it seems like this this is the culprit:

export function elementFromString(value) {
    // add a wrapper to preserve leading and trailing whitespace
    const wrappedValue = `<body>${value}</body>`

    return new window.DOMParser().parseFromString(wrappedValue, 'text/html').body
								  ^ This is not possible without trusted-types
}

Browser Used

Chrome

Code Example URL

No response

Expected Behavior

It would be nice to have support for trusted types.

Additional Context (Optional)

No response

Dependency Updates

  • Yes, I've updated all my dependencies.
@MathiasWP MathiasWP added Category: Open Source The issue or pull reuqest is related to the open source packages of Tiptap. Type: Bug The issue or pullrequest is related to a bug labels Sep 24, 2024
@nperez0111
Copy link
Contributor

#5559

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Category: Open Source The issue or pull reuqest is related to the open source packages of Tiptap. Type: Bug The issue or pullrequest is related to a bug
Projects
Tiptap
Status: Triage open
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nperez0111 @MathiasWP