diff --git a/src/components/card.js b/src/components/card.js
index 8343de477..52efe2092 100644
--- a/src/components/card.js
+++ b/src/components/card.js
@@ -8,6 +8,7 @@ import defaultImg from "../../content/assets/default-blog.webp"
 import kebabCase from "lodash/kebabCase"
 import Img from "gatsby-image"
 import getTimeToRead from "../utils/timeToRead"
+import DOMPurify from 'dompurify'; // Import DOMPurify
 const Card = ({ node }) => {
 const tags = node.frontmatter.tags || ""
@@ -51,7 +52,7 @@ const Card = ({ node }) => {
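Review bot: The `dompurify` import added to card.js (and likewise to pinnedCard.js and post.js) needs a DOM, and these are Gatsby components that are also rendered during the static build, where the library reports `DOMPurify.isSupported` as false. The call site in the `@@ -51,7 +52,7 @@` hunk is not visible here, so confirm the sanitize call is guarded or only runs in the browser. On style, `import DOMPurify from 'dompurify'; // Import DOMPurify` does not match the file's double-quote, no-semicolon imports, and the trailing comment only restates the statement; `import DOMPurify from "dompurify"` is enough. The same comment is repeated on the pinnedCard.js import, and the post.js import has the same quote and semicolon mismatch.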
diff --git a/src/components/pinnedCard.js b/src/components/pinnedCard.js
index 432190734..b8720888d 100644
--- a/src/components/pinnedCard.js
+++ b/src/components/pinnedCard.js
@@ -4,6 +4,7 @@ import Img from "gatsby-image"
 import kebabCase from "lodash/kebabCase"
 import React from "react"
 import ReactGA from "react-ga"
+import DOMPurify from "dompurify" // Import DOMPurify
 import defaultImg from "../../content/assets/default-blog.webp"
 import freeTrialImg from "../../content/assets/freetrial.webp"
 import getTimeToRead from "../utils/timeToRead"
@@ -58,7 +59,7 @@ const PinnedCard = props => {
diff --git a/src/components/post.js b/src/components/post.js
index 2b0ccd40e..c8f165675 100644
--- a/src/components/post.js
+++ b/src/components/post.js
@@ -19,6 +19,7 @@ import IdentityTagMenu from "./tagmenu/identity"
 import getTimeToRead from "../utils/timeToRead"
 import Bio from "./bio"
 import ToC from "./toc"
+import DOMPurify from 'dompurify';
 const eventLogger = function ({ category, action, label }) {
 ReactGA.event({
@@ -88,7 +89,7 @@ const Post = ({ post, relatedPost, type }) => {
 }
 })
- setModifiedHtml(doc.body.innerHTML)
+ setModifiedHtml(DOMPurify.sanitize(doc.body.innerHTML))
 }, [post.html])
 const faqJsonData = extractFAQs(post.html)
 let faqSchema = {}
@@ -125,7 +126,7 @@ const Post = ({ post, relatedPost, type }) => {
@@ -185,7 +186,7 @@ const Post = ({ post, relatedPost, type }) => {
 {author.id} - +
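Review bot: In the post.js hunk `@@ -88,7 +89,7 @@`, `DOMPurify.sanitize(doc.body.innerHTML)` runs with the default configuration, which removes `target` attributes on links and `<iframe>` embeds unless they are allowed explicitly. If the loop that closes just above this line (its start is outside the hunk) sets link attributes, or posts embed media, pass an explicit config such as `DOMPurify.sanitize(doc.body.innerHTML, { ADD_ATTR: ["target"] })` and add a comment naming the tags and attributes that are intentionally allowed. The sanitised value exists only after the effect has run, so check what `modifiedHtml` holds on first render and in the static build; its initial value is not visible here. The next context line still passes raw `post.html` to `extractFAQs`, so that path is not covered by this change.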