DOMPurify library path

path "sites/all/libraries/DOMPurify/dist/purify.min.js"
change Folder name - "DOMPurify' to "dompurify"

Issue here on D9.5.7:

The DOMPurify library is not installed. The Colorbox module uses this library to sanitize HTML captions. Without this library, all captions will be treated as plain text. If you intend to have HTML captions in Colorbox content, download the DOMPurify library, extract it, and copy the dist directory into the /libraries/DOMPurify folder in your Drupal installation directory. Specifically, the system looks for /libraries/DOMPurify/dist/purify.min.js.

with this:

ibraries/DOMPurify$ ls -la dist/
total 668
drwxrwxr-x 2 provence-formation-php7 provence-formation-php7    216 Mar 23 20:40 .
drwxrwxr-x 3 provence-formation-php7 provence-formation-php7     26 Mar 28 15:03 ..
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7  64456 Mar 23 20:40 purify.cjs.js
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7 120024 Mar 23 20:40 purify.cjs.js.map
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7  64445 Mar 23 20:40 purify.es.js
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7 120021 Mar 23 20:40 purify.es.js.map
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7  67531 Mar 23 20:40 purify.js
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7 120028 Mar 23 20:40 purify.js.map
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7  22938 Mar 23 20:40 purify.min.js
-rw-rw-r-- 1 provence-formation-php7 provence-formation-php7  89510 Mar 23 20:40 purify.min.js.map

D7.95 path that solved it for me was "/sites/all/libraries/DOMPurify/purify.min.js" (Colorbox 7.x-2.17)

Thanks mj42. That worked for me as well. woohoo.

For security reasons, you should not install the entire contents of the DOMPurify archive. You should only install purify.min.js, in sites/all/libraries/DOMPurify/purify.min.js.

Paul: then the codebase needs to be updated to streamline this. The codebase includes a segment in the Drush Make file for downloading Colorbox, it should have a similar section for downloading DOMPurify and then hook_libraries() should match where it stores the files.

Would this work?

Damien, thanks for clarifying that the issue has to do with automatically downloading the file using drush make. That was not clear from the issue description or comment history.

I'm doing my best to support the Drupal 7 version on a best effort basis, so I may need further help. I see that we need to support a download mechanism using drush make. However, I'd also like to avoid hard-coding a version number if possible. Is there a way we can do that?

How about pointing to the 3.x version, rather than a release version? https://github.com/cure53/DOMPurify/blob/3.x/dist/purify.min.js

I can also look at the docs to see if the wording can be improved to make it easier for people to do it correctly.

@DamienMcKenna, yes, 3.x would be fine. And I also appreciate your eyes on the documentation. Thank you.

Adding it to my list to work on.

How about something like this?

Ran into this on a Drupal 7 that I have yet to upgrade. I'll be migrating to D9 for this site very soon. What worked for this install was keeping the folder name DOMPurify, then moving the purify.min.js & purify.min.js.map from the dist folder to the root of the DOMPurify folder and deleted all the other files. #17 would have worked as well, but im trying to minimize and clean up all the crap from this site [it's a beast that's been migrated from D5 to D6 to d7] prior to upgrade.

Well, this is also true for latest v2 release and 2.0-dev - so a re-roll would be great and some maintainers to at least merge to dev would be very appreciated ;-)

or! -> to simply change documentation on this.

Because they use completely different methods for managing the codebases, please keep the D7 and D9+ changes separate.

Post #9 worked for me, Jan 2024. Drupal 10 site on Pantheon.

Because they use completely different methods for managing the codebases, please keep the D7 and D9+ changes separate.

I see! That makes sense! Thanks for clarifying @DamienMcKenna and sorry for the noise.

Post #9 worked for me, Jan 2024. Drupal 10 site on Pantheon.

Interesting! Can you please create a new issue like Damien suggested before, so that a patch can be created there based on #9 for this version? Thanks for your report! +1

Post #14 is the key on Drupal 9.5.11. Thanks @softpol.

@DamienMcKenna, thanks for the patch, and sorry for the long wait. I have committed your patch to the 7.x-2.x branch.

Hi,

I'm working with a Drupal 7 and since yesterday, Colorbox 2.17 en DOMPurify, everyhting was fine.

I updated Colorbox from 2.17 to 2.18 and since that, I have a problem with the DOMPurify's library which is not found.

I put the file at sites/all/libraries/DOMPurify/purify.min.js, with 2.17 everything is fine, with 2.18, library isn't detected.

Do you have any explanations ?

Thanks.

@theturtle Thanks for reporting this. The patch from #29 removed the version information from the library info, which caused the version check to fail. I will add that back and provide a new release shortly.

This is now committed, and I'll tag a new release 7.x-2.19 shortly.

Hi Paul,

This is perfect! It works perfectly with the 2.19 version.

Thanks for the quick response and all your work.

Automatically closed - issue fixed for 2 weeks with no activity.

#31 worked for me (Drupal 7.99).