]||[],e[s]||[]);for(const e of i)pe(e,n)||t.removeAttribute(e.nodeName)}return i.body.innerHTML}(t,this._config.allowList,this._config.sanitizeFn):t}_resolvePossibleFunction(t){return v(t,[this])}_putElementInTemplate(t,e){if(this._config.html)return e.innerHTML="",void e.append(t);e.textContent=t.textContent}}const Ae=new Set(["sanitize","allowList","sanitizeFn"]),Ee="fade",Ce="show",Te=".modal",ke="hide.bs.modal",Se="hover",Le="focus",Oe={AUTO:"auto",TOP:"top",RIGHT:p()?"left":"right",BOTTOM:"...

regExp.length; i < len; i++) {\n    if (regExp[i].test(attrName)) {\n      return true\n    }\n  }\n\n  return false\n}\n\nexport function sanitizeHtml(unsafeHtml, whiteList, sanitizeFn) {\n  if (unsafeHtml.length === 0) {\n    return unsafeHtml\n  }\n\n  if (sanitizeFn && typeof sanitizeFn === 'function') {\n    return sanitizeFn(unsafeHtml)\n  }\n\n  const domParser = new window.DOMParser()\n  const createdDocument = domParser.parseFromString(unsafeHtml, 'text/html')\n  const whitelistKeys = Object.keys(whiteList)\n...

e.js'\nimport Config from './config.js'\nimport { DefaultAllowlist, sanitizeHtml } from './sanitizer.js'\nimport { execute, getElement, isElement } from './index.js'\n\n/**\n * Constants\n */\n\nconst NAME = 'TemplateFactory'\n\nconst Default = {\n  allowList: DefaultAllowlist,\n  content: {}, // { selector : text ,  selector2 : text2 , }\n  extraClass: '',\n  html: false,\n  sanitize: true,\n  sanitizeFn: null,\n  template: '<div></div>'\n}\n\nconst DefaultType = {\n  allowList: 'object',\n  content:...

if(i[o].test(n))return!0;return!1})(t,r)||i.removeAttribute(t.nodeName)}))},l=0,r=a.length;l<r;l++)s(l);return i.body.innerHTML}var It="tooltip",kt="bs.tooltip",Ot=o.default.fn.tooltip,jt=new RegExp("(^|\\s)bs-tooltip\\S+","g"),Pt=["sanitize","whiteList","sanitizeFn"],Lt="fade",Rt="show",xt="show",qt="out",Ft="hover",Qt="focus",Bt={AUTO:"auto",TOP:"top",RIGHT:"right",BOTTOM:"bottom",LEFT:"left"},Ht={animation:!0,template:'<div class="tooltip" role="tooltip"><div class="arrow"></div><div class="t...

        if (logger.isDebugEnabled()) {
            logger.debug("MarkdownRenderer initialized with commonmark and OWASP sanitizer");
        }
    }

    /**
     * Renders markdown text to sanitized HTML.
     *
     * @param markdown the markdown text to render
     * @return sanitized HTML string
     */
    public String render(final String markdown) {
        if (markdown == null || markdown.isEmpty()) {

        return redirect(getClass()); // no-op
    }

    /**
     * Sanitizes a filename by removing path traversal sequences and whitespace.
     *
     * @param filename the filename to sanitize
     * @return the sanitized filename
     */
    public static String sanitizeFilename(final String filename) {

        String sanitized1 = AdminLogAction.sanitizeFilename("../../../var/log/auth.log");
        assertEquals("/var/log/auth.log", sanitized1);
        assertTrue(AdminLogAction.isLogFilename(sanitized1));

        String sanitized2 = AdminLogAction.sanitizeFilename("....//....//var/log/syslog.log");
        assertEquals("/var/log/syslog.log", sanitized2);

        // Test that custom sessionId is sanitized
        Crawler.Options options = new Crawler.Options();
        options.sessionId = "test-session-123";

        // Simulate what process() does - sanitize sessionId
        if (options.sessionId != null) {
            options.sessionId = options.sessionId.replaceAll("-", "_");
        }

        // Check that sessionId was sanitized (hyphens replaced with underscores)

     */
    function scrollToBottom() {
        elements.chatMessages.scrollTop(elements.chatMessages[0].scrollHeight);
    }

    /**
     * Render Markdown text to sanitized HTML.
     * Policy is aligned with server-side MarkdownRenderer (OWASP sanitizer).
     */
    var markdownDomPurifyInitialized = false;
    var markdownSanitizeConfig = {
        ALLOWED_TAGS: ['h1','h2','h3','h4','h5','h6',

                }
                if (sanitized.length() > 0) {
                    sanitized.append('/');
                }
                sanitized.append(component);
            }

            final Path resolved = Paths.get(exportPath, sanitized.toString()).normalize();
            final Path baseDir = Paths.get(exportPath).normalize();