diff options
Diffstat (limited to 'app/assets/javascripts/notebook/cells')
-rw-r--r-- | app/assets/javascripts/notebook/cells/output/html.vue | 11 | ||||
-rw-r--r-- | app/assets/javascripts/notebook/cells/output/index.vue | 4 |
2 files changed, 10 insertions, 5 deletions
diff --git a/app/assets/javascripts/notebook/cells/output/html.vue b/app/assets/javascripts/notebook/cells/output/html.vue index a3d7ddd5bad..dc5b2b66348 100644 --- a/app/assets/javascripts/notebook/cells/output/html.vue +++ b/app/assets/javascripts/notebook/cells/output/html.vue @@ -1,5 +1,5 @@ <script> -/* eslint-disable vue/no-v-html */ +import { GlSafeHtmlDirective } from '@gitlab/ui'; import { sanitize } from '~/lib/dompurify'; import Prompt from '../prompt.vue'; @@ -7,6 +7,9 @@ export default { components: { Prompt, }, + directives: { + SafeHtml: GlSafeHtmlDirective, + }, props: { count: { type: Number, @@ -23,9 +26,7 @@ export default { }, computed: { sanitizedOutput() { - return sanitize(this.rawCode, { - ALLOWED_ATTR: ['src'], - }); + return sanitize(this.rawCode); }, showOutput() { return this.index === 0; @@ -37,6 +38,6 @@ export default { <template> <div class="output"> <prompt type="Out" :count="count" :show-output="showOutput" /> - <div class="gl-overflow-auto" v-html="sanitizedOutput"></div> + <div v-safe-html="sanitizedOutput" class="gl-overflow-auto"></div> </div> </template> diff --git a/app/assets/javascripts/notebook/cells/output/index.vue b/app/assets/javascripts/notebook/cells/output/index.vue index f2d3796cccf..113d8cfc435 100644 --- a/app/assets/javascripts/notebook/cells/output/index.vue +++ b/app/assets/javascripts/notebook/cells/output/index.vue @@ -31,6 +31,8 @@ export default { return 'text/plain'; } else if (output.data['image/png']) { return 'image/png'; + } else if (output.data['image/jpeg']) { + return 'image/jpeg'; } else if (output.data['text/html']) { return 'text/html'; } else if (output.data['image/svg+xml']) { @@ -53,6 +55,8 @@ export default { return CodeOutput; } else if (output.data['image/png']) { return ImageOutput; + } else if (output.data['image/jpeg']) { + return ImageOutput; } else if (output.data['text/html']) { return HtmlOutput; } else if (output.data['image/svg+xml']) { |