From d373c469762c88d24e3dd8a45ce4460e183973ad Mon Sep 17 00:00:00 2001
From: balibabu <cike8899@users.noreply.github.com>
Date: Fri, 16 May 2025 09:53:34 +0800
Subject: [PATCH] Fix: Use DOMPurify to filter out dangerous HTML #7668 (#7669)

### What problem does this PR solve?

Fix: Use DOMPurify to filter out dangerous HTML #7668

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)
---
 web/src/pages/chat/markdown-content/index.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/src/pages/chat/markdown-content/index.tsx b/web/src/pages/chat/markdown-content/index.tsx
index b3c1988f9..a62de227f 100644
--- a/web/src/pages/chat/markdown-content/index.tsx
+++ b/web/src/pages/chat/markdown-content/index.tsx
@@ -50,7 +50,7 @@ const MarkdownContent = ({
   const { setDocumentIds, data: fileThumbnails } =
     useFetchDocumentThumbnailsByIds();
   const contentWithCursor = useMemo(() => {
-    let text = content;
+    let text = DOMPurify.sanitize(content);
     if (text === '') {
       text = t('chat.searching');
     }