Skyler Grey
26b25a6cb6
We're basing this off the https://docs.astro.build/en/guides/markdown-content/#markdown-plugins section of the astro docs, as well as some other remark information. We have disabled XSS protection early in the rendering pipeline due to a later sanitization step. This is mentioned on the remark docs and we have tested it with some basic XSS examples
26 lines
789 B
JavaScript
26 lines
789 B
JavaScript
import { defineConfig } from 'astro/config';
|
|
|
|
import rehypeSanitize from 'rehype-sanitize';
|
|
import rehypeStringify from 'rehype-stringify';
|
|
import rehypeRaw from 'rehype-raw';
|
|
import remarkParse from 'remark-parse';
|
|
import remarkRehype from 'remark-rehype';
|
|
|
|
// https://astro.build/config
|
|
export default defineConfig({
|
|
markdown: {
|
|
remarkRehype: {
|
|
allowDangerousHtml: true
|
|
// This is fine because we are using rehypeSanitize to sanitize XSS.
|
|
// See https://github.com/remarkjs/remark-rehype?tab=readme-ov-file#example-supporting-html-in-markdown-properly
|
|
},
|
|
remarkPlugins: [
|
|
remarkParse,
|
|
remarkRehype,
|
|
rehypeRaw,
|
|
rehypeSanitize,
|
|
rehypeStringify,
|
|
]
|
|
}
|
|
});
|