Apply DOMPurify over HTML

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

2 files changed, 3 insertions, 2 deletions

diff --git a/settings/js/apps.js b/settings/js/apps.js
index a527b354e68..65a05116557 100644
--- a/settings/js/apps.js
+++ b/settings/js/apps.js
@@ -189,7 +189,7 @@ OC.Settings.Apps = OC.Settings.Apps || {
 		}
 
 		// Parse markdown in app description
-		app.description = marked(app.description.trim(), OC.Settings.Apps.markedOptions);
+		app.description = DOMPurify.sanitize(marked(app.description.trim(), OC.Settings.Apps.markedOptions));
 
 		var html = template(app);
 		if (selector) {
@@ -653,7 +653,7 @@ OC.Settings.Apps = OC.Settings.Apps || {
 				return '';
 			}
 
-			var out = '<a href="' + href + '"';
+			var out = '<a href="' + href + '" rel="noreferrer noopener"';
 			if (title) {
 				out += ' title="' + title + '"';
 			}
diff --git a/settings/templates/apps.php b/settings/templates/apps.php
index bd1d4a2ba77..b609777e03b 100644
--- a/settings/templates/apps.php
+++ b/settings/templates/apps.php
@@ -5,6 +5,7 @@ vendor_script(
 	[
 		'handlebars/handlebars',
 		'marked/marked.min',
+		'DOMPurify/dist/purify.min',
 	]
 );
 script(