Harden ReactMarkdown rendering against javascript: URI injection

[Copilot]

Adding or modifying a card/dashboard? Read the Card Development Guide first — it covers required patterns, common pitfalls, and the full file checklist.

New CNCF project card? New cards go in kubestellar/console-marketplace, not this repo. PRs adding new cards here will be redirected.

Use a coding agent. This repo is primarily developed with Claude Code (Opus 4.5/4.6). It knows all codebase patterns (isDemoData, useCardLoadingState, locale strings, DCO). Manual PRs that miss required patterns will be sent back.

📝 Summary of Changes

Five markdown render paths accepted untrusted content without a sanitize pass, allowing javascript: link payloads to survive into rendered output. This PR aligns those paths with the repo’s existing secure markdown pattern by enforcing rehype-sanitize (and GFM in MessageBubble).

• Security hardening
  • Added rehypePlugins={[rehypeSanitize]} to ReactMarkdown in:
    • web/src/components/stellar/MessageBubble.tsx
    • web/src/components/updates/WhatsNewModal.tsx (all render sites)
    • web/src/components/feedback/SubmitTab.tsx
    • web/src/components/feedback/FeedbackDialogs.tsx
• Markdown parity in chat surface
  • Added remarkPlugins={[remarkGfm]} in MessageBubble.tsx for consistent markdown behavior on Stellar responses.
• Scope verification
  • ExecutiveAnalysis.tsx already had rehypeSanitize; no code change was required there.

// before
<ReactMarkdown>{msg.content}</ReactMarkdown>

// after
<ReactMarkdown remarkPlugins={[remarkGfm]} rehypePlugins={[rehypeSanitize]}>
  {msg.content}
</ReactMarkdown>

---

Changes Made

• Updated ReactMarkdown usage in vulnerable components to include rehype-sanitize
• Refactored MessageBubble markdown config to include remark-gfm + sanitize pipeline
• Fixed unsafe markdown link rendering path for untrusted content sources
• Added tests for MessageBubble to assert javascript: links are not rendered as clickable links

---

Checklist

Please ensure the following before submitting your PR:

• I used a coding agent (Claude Code, Copilot, Gemini, or Codex) to generate/review this code
• I have reviewed the project's contribution guidelines
• New cards target console-marketplace, not this repo
• isDemoData is wired correctly (cards show Demo badge when using demo data)
• I have written unit tests for the changes (if applicable)
• I have tested the changes locally and ensured they work as expected
• All commits are signed with DCO (git commit -s)

---

Screenshots or Logs (if applicable)

N/A (security behavior change in markdown rendering; no UI layout change).

---

👀 Reviewer Notes

• ExecutiveAnalysis.tsx was included in the finding, but already uses rehypeSanitize; this PR leaves it unchanged intentionally.
• Focus is strictly on sanitization coverage and minimal risk surface.

[kubestellar-prow]

Thanks for your pull request. Before we can look at it, you'll need to add a 'DCO signoff' to your commits.

📝 Please follow instructions in the contributing guide to update your commits with the DCO

Full details of the Developer Certificate of Origin can be found at developercertificate.org.

The list of commits missing DCO signoff:

• 7cd3644 Initial plan

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from clubanderson. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[github-actions]

Auto Test Generator

The following new files have no corresponding test file:

• web/src/components/feedback/FeedbackDialogs.tsx
• web/src/components/feedback/SubmitTab.tsx

Please add tests or apply the needs-tests label to track this PR.

[github-actions]

✅ Test Coverage Check

All new source files in this PR have corresponding test files.

Checked web/src/hooks/ and web/src/components/ against origin/main.

[github-actions]

Status Check — Draft PR Stalled

This draft PR has had no activity for ~1h20m (last update: 19:38 UTC, checked at 20:57 UTC), exceeding the 1-hour stuck threshold.

Current status:

• Build / CI: ✅ All checks passing (38 checks completed successfully)
• Draft: Still a work-in-progress draft
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer (dco-signoff: no label set)
• Review: Not approved, no reviewers assigned
• Label: ai-needs-human now set

Observations:

• The PR adds rehypeSanitize to multiple ReactMarkdown components and remarkGfm to MessageBubble
• The only commit is "Initial plan" — it may be a planning commit without the actual code changes committed yet
• DCO signoff is required on all commits before merging

Recommended next steps for a human maintainer:

1. Verify whether the actual code changes were committed (the PR body describes specific file changes — check if they are present in the diff)
2. If the changes exist but the DCO is missing, the commit needs to be amended with a Signed-off-by trailer
3. If only a planning commit exists, the implementation may not have been completed — consider whether to restart the AI agent or close the PR

Generated by Stuck Detection Workflow · sonnet46 1M · ◷

[github-actions]

Status Check — Draft PR Stalled (2.5 Hours)

This draft PR remains stalled with no new activity. Last status check was posted at 21:00 UTC; this update is at 23:28 UTC (~2.5 hours later).

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Review: Not approved, no reviewers assigned
• Labels: ai-needs-human already set

Summary:
This PR adds rehypeSanitize to ReactMarkdown usage in MessageBubble.tsx, WhatsNewModal.tsx, SubmitTab.tsx, and FeedbackDialogs.tsx. The build passes but the PR remains in draft with a missing DCO signoff.

Blocking issues:

1. ❌ DCO signoff missing — the only commit needs a Signed-off-by trailer before this can merge
2. 📝 Draft state — PR needs to be converted to ready-for-review after DCO is resolved

Recommended next steps for a human maintainer:

1. Verify the actual security hardening changes are present in the diff (the PR body describes specific file changes)
2. If changes are present but DCO is missing, amend the commit with a Signed-off-by trailer
3. If only a planning commit exists with no code changes, consider restarting the AI agent or closing this PR
4. Once DCO is resolved, convert from draft to ready-for-review and request a code review

Generated by Stuck Detection Workflow · sonnet46 1.2M · ◷

[github-actions]

Status Check — Draft PR Still Stalled (Overnight)

No new activity since the last status check (~2h52m ago at 23:31 UTC). This update is at 02:23 UTC.

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Review: Not approved, no reviewers assigned
• Label: ai-needs-human already set

No change in state. Human review is recommended at the start of business hours.

Blocking issues (unchanged):

1. ❌ DCO signoff missing on the only commit
2. 📝 Still in draft state — needs conversion to ready-for-review after DCO is resolved

Recommended next steps:

1. Verify the actual security hardening changes are in the diff (rehypeSanitize additions to MessageBubble.tsx, WhatsNewModal.tsx, SubmitTab.tsx, FeedbackDialogs.tsx)
2. If changes are present, amend the commit with a Signed-off-by trailer to satisfy DCO
3. If only a planning commit exists with no code, consider restarting the AI agent or closing this PR

Generated by Stuck Detection Workflow · sonnet46 934.1K · ◷

[github-actions]

Status Check — Draft PR Stalled (Morning Update, ~12 Hours)

No new activity since the last status check at 02:26 UTC (~5 hours ago). Current time: 07:31 UTC (pre-business hours).

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Review: Not approved, no reviewers assigned
• Label: ai-needs-human already set

No change in state. This PR has now been stalled ~12 hours.

Blocking issues (unchanged):

1. ❌ DCO signoff missing on the only commit
2. 📝 Still in draft state — needs conversion to ready-for-review after DCO is resolved
3. ⚠️ Unclear whether the actual security hardening code changes are present (only commit is "Initial plan")

Recommended next steps for a human maintainer at start of business hours:

1. Inspect the PR diff to confirm whether rehypeSanitize additions to MessageBubble.tsx, WhatsNewModal.tsx, SubmitTab.tsx, and FeedbackDialogs.tsx are actually present
2. If changes are present but DCO is missing, amend the commit with a Signed-off-by trailer
3. If only a planning commit exists with no code, consider restarting the AI agent or closing this PR and re-opening from the linked issue

Generated by Stuck Detection Workflow · sonnet46 846.1K · ◷

[clubanderson]

This PR is superseded by #17158 which addresses the same ReactMarkdown XSS finding, is not a draft, has dco-signoff: yes, and covers all the same files. Please close this PR in favor of #17158.

— sec-check agent (ACMM L6)

[github-actions]

Status Check — Resolution Path Identified (~16.5 Hours)

No new activity since the human collaborator comment at 10:12 UTC (~1h53m ago). Last stuck-detection status comment was at 07:34 UTC (~4.5h ago).

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Label: ai-needs-human already set

Resolution path identified by maintainer:
At 10:12 UTC, @clubanderson noted that this PR is superseded by #17158, which:

• Addresses the same ReactMarkdown XSS / `(redacted) URI injection finding
• Is not a draft
• Has dco-signoff: yes
• Covers all the same files (MessageBubble.tsx, FeedbackDialogs.tsx, SubmitTab.tsx, WhatsNewModal.tsx)

Recommended next steps for a human maintainer:

1. Close this PR in favor of [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 — the fix is already in a cleaner, ready-to-review PR
2. Verify [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 has passing checks and approve/merge it to resolve the XSS finding
3. No action is needed on this PR beyond closure

Generated by Stuck Detection Workflow · sonnet46 1.3M · ◷

[github-actions]

Status Check Update — ~18h Stalled, Resolution PR Still Awaiting Review

No new activity on this draft PR since the last status check at 12:09 UTC (~2h ago). Labels and state unchanged.

Resolution path (identified by @clubanderson at 10:12 UTC): Close this PR in favor of #17158, which addresses the same ReactMarkdown XSS/`(redacted) URI injection finding.

PR #17158 current status:

• Checks: ✅ All meaningful checks passing (post-directions failure is a minor automated check)
• DCO signoff: ✅ Yes
• State: Open, not draft — ready for review
• Last activity: 2026-06-06T22:28 UTC (~16h ago, no reviews yet)

This PR remains blocked on:

1. ❌ DCO signoff missing on only commit (7cd3644)
2. 📝 Still in draft state

Recommended next steps for a human maintainer:

1. Review and approve [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 to resolve the XSS security finding
2. Close this PR (Harden ReactMarkdown rendering against javascript: URI injection #17151) once [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 is merged or approved

Generated by Stuck Detection Workflow · sonnet46 1.2M · ◷

[github-actions]

Status Check — Stalled ~21 Hours, Resolution PR Needs Review

No activity on this draft PR since the last status check at 14:19 UTC (~2h20m ago). State unchanged.

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Label: ai-needs-human already set

Resolution path (identified by @clubanderson at 10:12 UTC on June 7):
This PR is superseded by #17158, which:

• Addresses the same ReactMarkdown XSS / `(redacted) URI injection finding
• Is not a draft — ready for review
• Has dco-signoff: yes
• Covers all the same files (MessageBubble.tsx, FeedbackDialogs.tsx, SubmitTab.tsx, WhatsNewModal.tsx)

⚠️ PR #17158 also needs attention: It was created ~18 hours ago and has had no review activity since 22:28 UTC on June 6. It is open, not draft, DCO-signed, but unreviewed.

Recommended next steps for a human maintainer:

1. Review and merge (or approve) [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 to resolve this security finding
2. Close this PR (Harden ReactMarkdown rendering against javascript: URI injection #17151) once [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 is merged or approved

Generated by Stuck Detection Workflow · sonnet46 1.6M · ◷

[clubanderson]

✅ sec-check: Verified — Correct ReactMarkdown XSS Fix

All 5 affected ReactMarkdown render sites now have rehypeSanitize in their rehypePlugins array:

File	Before	After
MessageBubble.tsx	No sanitize	✅ rehypeSanitize + remarkGfm added
WhatsNewModal.tsx (x3 render sites)	No sanitize	✅ rehypeSanitize added
SubmitTab.tsx	No sanitize	✅ rehypeSanitize added
FeedbackDialogs.tsx	No sanitize	✅ rehypeSanitize added

Test added: MessageBubble.test.tsx verifies that javascript: links are blocked and https:// links render correctly. ✅

This PR is the correct fix. It needs:

1. DCO sign-off (git commit -s --amend on each commit)
2. Mark as ready for review

---

Filed by sec-check agent (ACMM L6 — full mode)

[github-actions]

Status Check — Conflicting Assessments, Needs Human Decision (~24 Hours)

No new bot activity since the last status check at 16:44 UTC (~2h52m ago), but a new human comment arrived at 17:39 UTC (~1h57m ago) that materially changes the situation.

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Label: ai-needs-human already set

⚠️ Conflicting assessments — human decision required:

Time	Author	Assessment
10:12 UTC (Jun 7)	@clubanderson	This PR is superseded by #17158 — close this PR
17:39 UTC (Jun 7)	@clubanderson (sec-check agent)	This PR IS the correct fix — needs DCO signoff + ready for review

Both comments are from the same author. The two assessments are mutually exclusive. A human maintainer needs to decide which path to take.

Option A — Keep this PR (#17151):

1. Add DCO signoff to commit 7cd3644 (git commit -s --amend)
2. Mark as ready for review (convert from draft)
3. Close [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 as superseded

Option B — Close this PR in favor of #17158:

1. Close this PR
2. Review and merge [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 (already has DCO signoff, all checks passing except minor post-directions check)

Generated by Stuck Detection Workflow · sonnet46 1.8M · ◷

[github-actions]

Status Check — Stalled ~27 Hours, Outside Business Hours

No new activity since the last status check at 19:41 UTC (~3h12m ago). State unchanged.

Current status:

• Build / CI: ✅ All 38 checks passing
• Draft: Still open as work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 ("Initial plan") lacks Signed-off-by trailer
• Label: ai-needs-human already set
• Review: Not approved, no reviewers assigned

Decision still pending:
Two conflicting assessments exist from @clubanderson:

• 10:12 UTC: This PR is superseded by [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 — close this PR
• 17:39 UTC: This PR IS the correct fix — needs DCO signoff + ready for review

Recommended next steps at start of business hours:

1. Decide whether to keep this PR (fix DCO, convert from draft) or close it in favor of [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158
2. PR [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158 is an open (non-draft), DCO-signed alternative that covers the same files — it may be ready to merge once reviewed
3. Resolve the conflicting assessments before further automation acts on this item

Outside business hours — lower urgency. No new escalation needed.

Generated by Stuck Detection Workflow · sonnet46 1.6M · ◷

[github-actions]

Stuck Detection Report — 2026-06-08T11:41 UTC

No new stuck items found on this run.

Scan Summary

Category	Searched	New Stuck	Action Taken
Issues with ai-processing > 2h	4 found	0	None (all already labeled)
Issues with ai-awaiting-fix > 4h	0 found	0	None
Issues with ai-fix-requested + no PR > 2h	0 found	0	None
Draft PRs (AI) stuck > 1h without escalation	0 found	0	None
AI PRs with failing checks, not escalated	0 found	0	None

Already-Escalated Items (pre-existing)

11 open PRs and 4 open issues already carry ai-needs-human from prior workflow runs. These are awaiting human review and no duplicate action was taken.

Next scheduled run: ~30 minutes

Generated by Stuck Detection Workflow · sonnet46 1.1M · ◷

[kubestellar-prow]

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[github-actions]

Status Check — 2026-06-08T18:03 UTC (~46 hours stuck)

New activity since the last stuck-detection check at 11:45 UTC: prow bot flagged a rebase conflict at 14:04 UTC (needs-rebase label added).

Current status:

• Build / CI: ❌ Needs rebase (merge conflict)
• Draft: Still work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 lacks Signed-off-by trailer
• Labels: ai-needs-human + needs-rebase set
• Conflicting assessments still unresolved (close vs keep in favor of [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158)

Recommended Actions

A human maintainer must decide between:

• Option A — Keep this PR: Rebase onto main, add DCO signoff, convert from draft, close [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158
• Option B — Close this PR: Close in favor of PR [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158, which is a non-draft, DCO-signed alternative covering the same security hardening

This item has been awaiting a human decision for ~2 days.

Generated by Stuck Detection Workflow · sonnet46 1.4M · ◷

[github-actions]

Status Check — 2026-06-08T20:19 UTC (~48+ hours stuck)

No change since the last check at 18:07 UTC (~2 hours ago). This draft PR remains stalled.

Current status:

• Build / CI: ❌ Needs rebase (merge conflict — needs-rebase label set at 14:04 UTC)
• Draft: Still work-in-progress
• DCO signoff: ❌ Missing — commit 7cd3644 lacks Signed-off-by trailer
• Labels: ai-needs-human + needs-rebase
• A competing non-draft PR ([sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158) covering the same security hardening exists

Recommended Action

A human maintainer must decide between:

• Option A — Keep this PR: Rebase onto main, add DCO signoff, convert from draft, close [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158
• Option B — Close this PR: Close in favor of PR [sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158, which is already non-draft and DCO-signed

This PR has now been awaiting a human decision for ~2 days. Closing is the lower-effort path if #17158 is already complete.

Generated by Stuck Detection Workflow · sonnet46 1.5M · ◷