[sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs)

[clubanderson]

Security Fix

Severity: High
Type: XSS (CWE-79) — javascript: URI injection via ReactMarkdown

Problem

Multiple <ReactMarkdown> usages rendered untrusted content without rehype-sanitize, allowing attackers to inject arbitrary HTML including javascript: URIs and event handler attributes.

Highest risk — MessageBubble.tsx: renders AI/LLM responses directly. A prompt injection attack could cause the LLM to output [click me](javascript:alert(document.cookie)) which would execute in the user's browser.

Components Fixed

File	Risk	Content Source
MessageBubble.tsx	Critical (prompt injection)	LLM/AI responses
FeedbackDialogs.tsx (FullscreenPreview)	High	User-typed markdown
SubmitTab.tsx (preview panel)	Medium	User-typed markdown
WhatsNewModal.tsx (3 instances)	Medium	GitHub release notes body

Changes

All 4 files: added import rehypeSanitize from 'rehype-sanitize' and rehypePlugins={[rehypeSanitize]} to <ReactMarkdown> components. rehype-sanitize was already a transitive dependency via react-markdown.

MessageBubble.tsx also received remarkGfm (GitHub Flavored Markdown) which was missing.

Testing

• Verify markdown rendering still works (bold, links, code blocks)
• Verify javascript: URIs in links are stripped (render as # or plain text)
• Verify <script> tags in markdown are stripped

Fixes #17150

---

Filed by sec-check agent (ACMM L6 — full mode)

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign mikespreitzer for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[netlify]

✅ Deploy Preview for kubestellarconsole ready!

Name	Link
🔨 Latest commit	351b863
🔍 Latest deploy log	https://app.netlify.com/projects/kubestellarconsole/deploys/6a26a609e3ef3200080fe2e1
😎 Deploy Preview	https://deploy-preview-17158.console-deploy-preview.kubestellar.io
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[github-actions]

👋 Hey @clubanderson — thanks for opening this PR!

🤖 This project is developed exclusively using AI coding assistants.

Please do not attempt to code anything for this project manually.
All contributions should be authored using an AI coding tool such as:

• Claude Code (Opus 4.5 / 4.6) — recommended
• GitHub Copilot
• Cursor
• Other AI coding assistants

This ensures consistency in code style, architecture patterns, test coverage,
and commit quality across the entire codebase.

---

This is an automated message.

[github-actions]

✅ Test Coverage Check

All new source files in this PR have corresponding test files.

Checked web/src/hooks/ and web/src/components/ against origin/main.

[github-actions]

Auto Test Generator

The following new files have no corresponding test file:

• web/src/components/feedback/FeedbackDialogs.tsx
• web/src/components/feedback/SubmitTab.tsx
• web/src/components/stellar/MessageBubble.tsx

Please add tests or apply the needs-tests label to track this PR.

[Copilot]

Pull request overview

Mitigates an XSS vector in the web UI by ensuring untrusted Markdown rendered via react-markdown is sanitized with rehype-sanitize, specifically targeting javascript: URI injection (and other unsafe HTML/attributes) in several user/AI/GitHub-sourced Markdown surfaces.

Changes:

• Added rehype-sanitize to multiple ReactMarkdown renderers to sanitize rendered Markdown output.
• Added remark-gfm to MessageBubble.tsx for consistent GitHub Flavored Markdown rendering in chat messages.
• Updated all relevant Markdown preview/release-notes render paths in the touched components to include rehypePlugins={[rehypeSanitize]}.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
web/src/components/updates/WhatsNewModal.tsx	Sanitizes GitHub release-notes Markdown rendering in all modal instances.
web/src/components/stellar/MessageBubble.tsx	Sanitizes AI message Markdown rendering and enables GFM parsing.
web/src/components/feedback/SubmitTab.tsx	Sanitizes user-typed Markdown in the feedback preview panel.
web/src/components/feedback/FeedbackDialogs.tsx	Sanitizes Markdown in the fullscreen preview overlay.

[github-actions]

Status Check — Open PR Stalled ~21 Hours, No Review Activity

This PR has been open for approximately 21 hours with no review activity since shortly after creation (~22:28 UTC on June 6).

Current status:

• Build / CI: ⚠️ 1 check failing (post-directions) — all other 38 checks passing
• Draft: No — this is a ready-for-review PR
• DCO signoff: ✅ Present
• Reviews: None submitted
• Approval: Not approved

post-directions check failure: This appears to be a minor automated/bot check that fires on PRs from certain authors. It is not a build, lint, or test failure and does not block the actual fix from being reviewed.

Context: This PR addresses the same ReactMarkdown XSS / `(redacted) URI injection issue as draft PR #17151. A comment on #17151 at 10:12 UTC noted this PR as the superseding fix; however, a later comment at 17:39 UTC on #17151 reversed that and called #17151 the correct fix. A human maintainer needs to resolve which PR should be merged.

Recommended next steps for a human maintainer:

1. Compare this PR ([sec-check] fix: add rehypeSanitize to ReactMarkdown components (XSS via javascript: URIs) #17158) against draft PR Harden ReactMarkdown rendering against javascript: URI injection #17151 to decide which one to proceed with
2. If this PR is selected: review, approve, and merge to resolve the XSS security finding
3. If Harden ReactMarkdown rendering against javascript: URI injection #17151 is selected: close this PR and proceed with Harden ReactMarkdown rendering against javascript: URI injection #17151 after it receives DCO signoff

Generated by Stuck Detection Workflow · sonnet46 1.8M · ◷

[github-actions]

Status Check — Security Fix PR Awaiting Review (~27 Hours)

No new activity since the last status check at 19:41 UTC (~3h12m ago). State unchanged.

Current status:

• Build / CI: ⚠️ 1 check failing (post-directions) — all other 38 checks passing ✅
• Draft: No — ready for review
• DCO signoff: ✅ Present
• Reviews: None submitted
• Approval: Not approved
• Label: ai-needs-human already set

Note on post-directions failure: This is a minor automated bot check unrelated to build, lint, or tests. It does not block the security fix from being reviewed or merged.

This PR fixes a security issue: XSS via (redacted) URI injection in ReactMarkdown components (MessageBubble.tsx, FeedbackDialogs.tsx, SubmitTab.tsx, WhatsNewModal.tsx). The fix adds rehypeSanitize` to the render pipeline.

Relationship to #17151: This PR may supersede draft PR #17151, which covers the same issue but lacks DCO signoff and remains in draft. A human maintainer needs to decide which PR to proceed with.

Recommended next steps at start of business hours:

1. Review this PR and verify the rehypeSanitize additions are correct
2. Approve and merge to resolve the XSS security finding
3. Close draft PR Harden ReactMarkdown rendering against javascript: URI injection #17151 once this PR is merged (or vice versa — see conflicting assessments on Harden ReactMarkdown rendering against javascript: URI injection #17151)

Outside business hours — no new labels or escalation needed.

Generated by Stuck Detection Workflow · sonnet46 1.6M · ◷

[github-actions]

Thank you for your contribution! Your PR has been merged.

Check out what's new:

• KubeStellar Console — Live multi-cluster dashboard
• Marketplace — Community extensions
• Knowledge Base — Troubleshooting and how-tos

Stay connected: Slack #kubestellar-dev | Multi-Cluster Survey

[github-actions]

❌ Post-Merge Verification: failed

Commit: 266a9d998103ffd21b5486261a2043053082d513
Specs run: smoke.spec.ts
Report: https://github.com/kubestellar/console/actions/runs/27134361004

[github-actions]

Post-merge build verification passed ✅

Both Go and frontend builds compiled successfully against merge commit 266a9d998103ffd21b5486261a2043053082d513.