🚑 Corrige un problème de sécurité de l'éditeur

Faille XSS potentielle corrigée grâce à la doc

package.json

@@ -44,6 +44,7 @@
         "react-crypt-gsm": "^1.0.4",
         "react-query": "^3.34.12",
         "react-router-dom": "^5.3.0",
+        "rehype-sanitize": "^5.0.1",
         "storage-encryption": "^1.0.16"
     }
 }

resources/js/components/pages/Form.tsx

@@ -2,6 +2,7 @@ import * as React from 'react';
 import {EncryptStorage} from 'storage-encryption';
 import {Button, Stack, TextField} from "@mui/material";
 import MDEditor from '@uiw/react-md-editor';
+import rehypeSanitize from "rehype-sanitize";
 let encryptStorage = new EncryptStorage('test'); // TODO la clef doit venir de l'utilisateur
 
 export default function PageForm({setListPages, csrf, url, passphrase}) {
@@ -77,6 +78,9 @@ export default function PageForm({setListPages, csrf, url, passphrase}) {
                 <MDEditor
                     value={content}
                     onChange={updateContent}
+                    previewOptions={{
+                        rehypePlugins: [[rehypeSanitize]],
+                    }}
                   />
                 <Button variant="contained" type={"submit"}>
                     Enregistrer