feat: Add astro config

We're basing this off the https://docs.astro.build/en/guides/markdown-content/#markdown-plugins section of the astro docs, as well as some other remark information. We have disabled XSS protection early in the rendering pipeline due to a later sanitization step. This is mentioned on the remark docs and we have tested it with some basic XSS examples
2024-05-17 00:03:55 +00:00 · 2024-05-17 00:03:55 +00:00 · 26b25a6cb6
parent a1e9459a60
commit 26b25a6cb6
1 changed files with 25 additions and 0 deletions
--- a/astro.config.mjs
+++ b/astro.config.mjs
@ -0,0 +1,25 @@
+import { defineConfig } from 'astro/config';
+
+import rehypeSanitize from 'rehype-sanitize';
+import rehypeStringify from 'rehype-stringify';
+import rehypeRaw from 'rehype-raw';
+import remarkParse from 'remark-parse';
+import remarkRehype from 'remark-rehype';
+
+// https://astro.build/config
+export default defineConfig({
+    markdown: {
+        remarkRehype: {
+            allowDangerousHtml: true
+            // This is fine because we are using rehypeSanitize to sanitize XSS.
+            // See https://github.com/remarkjs/remark-rehype?tab=readme-ov-file#example-supporting-html-in-markdown-properly
+        },
+        remarkPlugins: [
+            remarkParse,
+            remarkRehype,
+            rehypeRaw,
+            rehypeSanitize,
+            rehypeStringify,
+        ]
+    }
+});