From c1533f832088bc21b4ea882064f28c55573f86ea Mon Sep 17 00:00:00 2001
From: Priyankar Pal <88102392+priyankarpal@users.noreply.github.com>
Date: Thu, 10 Oct 2024 20:02:25 +0530
Subject: [PATCH] Fix code scanning alert no. 6: DOM text reinterpreted as HTML
 (#1547)

Signed-off-by: Priyankar Pal  <88102392+priyankarpal@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/plays/personal-profile-card/components/profile-form.tsx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/plays/personal-profile-card/components/profile-form.tsx b/src/plays/personal-profile-card/components/profile-form.tsx
index 80d58d52b8..167fc21749 100644
--- a/src/plays/personal-profile-card/components/profile-form.tsx
+++ b/src/plays/personal-profile-card/components/profile-form.tsx
@@ -1,4 +1,5 @@
 import React from 'react';
+import DOMPurify from 'dompurify';
 
 import ProfileType from '../types';
 import placeholder_cover from '../images/placeholder_cover.jpg';
@@ -27,7 +28,7 @@ const ProfileForm = ({ value, profile, onChange, onClick, onUpload, onClear }: P
         <img
           alt={value.cover === '' ? 'placeholder cover' : 'cover'}
           className="w-full md:w-[600px] h-[150px] sm:h-[200px] rounded-3xl"
-          src={value.cover === '' ? placeholder_cover : value.cover}
+          src={value.cover === '' ? placeholder_cover : DOMPurify.sanitize(value.cover)}
         />
         <input
           accept="image/*"