Summary
addSystemMsg() still injects raw HTML into the DOM via innerHTML, while some call sites pass interpolated Error.message or t() output. A few call sites were hardened, but the sink itself is still unsafe-by-contract.
Current Review Status
- Partial after the 2026-04-18 pull audit
  - public/js/features/chat.ts now escapes some messages
  - public/js/ui.ts:116-124 still does div.innerHTML = text
  - public/js/features/i18n.ts:46-51 still interpolates raw values via String(v)
Why This Matters
A future call site can easily forget to escape user-controlled text and reopen an XSS / markup-injection path.
Suggested Scope
- Make addSystemMsg() safe by default
- Move icon/emphasis rendering to DOM composition or a branded/trusted HTML contract
- Harden t() interpolation or force escaping at call sites
Evidence
public/js/ui.ts:116-124
public/js/features/chat.ts:100,102,122,144,381
public/js/features/i18n.ts:46-51
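One way to implement the suggested scope (a sink that treats strings as text by default and accepts markup only through a branded trusted-HTML contract), written as an added example rather than the project's own code. The MsgElement, MsgDoc and MsgContainer interfaces are assumed minimal DOM shapes so the code runs outside a browser, and the html tag and escapeHtml helper are hypothetical names, not identifiers from the repository.

```typescript
// Branded type: only the html`...` tag below can produce one, so a plain string
// (an interpolated Error.message, a t() result) can never reach innerHTML.
export type TrustedHtml = { readonly __brand: "TrustedHtml"; readonly html: string };

const ESC: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
export function escapeHtml(s: string): string {
  return s.replace(/[&<>"']/g, (c) => ESC[c]);
}

// Tagged template: developer-written markup is kept, every interpolated value
// is escaped, e.g. html`<b>Error:</b> ${err.message}`.
export function html(parts: TemplateStringsArray, ...values: unknown[]): TrustedHtml {
  let out = "";
  parts.forEach((p, i) => {
    out += p;
    if (i < values.length) out += escapeHtml(String(values[i]));
  });
  return { __brand: "TrustedHtml", html: out };
}

function isTrusted(m: unknown): m is TrustedHtml {
  return typeof m === "object" && m !== null && (m as TrustedHtml).__brand === "TrustedHtml";
}

// Minimal DOM surface so the example runs under Node; a real Document and
// Element satisfy these shapes (assumed names, not the project's own types).
export interface MsgElement { className: string; textContent: string; innerHTML: string }
export interface MsgDoc { createElement(tag: string): MsgElement }
export interface MsgContainer { appendChild(el: MsgElement): void }

// Safe by default: a string is assigned via textContent; only TrustedHtml
// reaches the innerHTML sink.
export function addSystemMsg(doc: MsgDoc, container: MsgContainer,
                             msg: string | TrustedHtml): MsgElement {
  const div = doc.createElement("div");
  div.className = "system-msg";
  if (isTrusted(msg)) div.innerHTML = msg.html;
  else div.textContent = msg;
  container.appendChild(div);
  return div;
}

// t() keeps interpolation as plain text: the sink decides how to render it,
// so text shown via textContent is never double-escaped.
export function t(template: string, vars: Record<string, unknown> = {}): string {
  return template.replace(/\{(\w+)\}/g, (m, k) =>
    Object.prototype.hasOwnProperty.call(vars, k) ? String(vars[k]) : m);
}
```

With this contract a call site that still passes a raw string cannot reopen the markup-injection path, because the only way to reach innerHTML is through the escaping html tag.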