Update debug.es6.js DOM Text Interpretd as html

[Shivam7-1]

Summary of Changes

By using textContent, it will avoid the risk of HTML injection, as these properties automatically escape any HTML special characters in the provided text.
This helps make page more safer as compare to innerHTML and prevent cross-site scripting (XSS) vulnerabilities by treating the input as plain text rather than interpreted HTML.

Link to documentations

Please select:

• Documentation link for docs.joomla.org:

• No documentation changes for docs.joomla.org needed

• Pull Request link for manual.joomla.org:

• No documentation changes for manual.joomla.org needed

[HLeithner]

This won't work as we inject HTML on purpose here.

[Shivam7-1]

Hii @HLeithner
Thanks For Reviewing 😃
Can here use dompurify for sanitize the HTML Which won't Change innerhtml behaviour and also It will get more Secure Also ?

How is it ?
Regards

[dgrammatiko]

Can here use dompurify for sanitize the HTML

You could use

joomla-cms/build/media_source/system/js/core.es6.js

Lines 739 to 743 in a28c352

	Joomla.sanitizeHtml = (unsafeHtml, allowList, sanitizeFn) => {
	const allowed = (allowList === undefined || allowList === null)
	? DefaultAllowlist : { ...DefaultAllowlist, ...allowList };
	return sanitizeHtml(unsafeHtml, allowed, sanitizeFn);
	};

[Shivam7-1]

Hii @dgrammatiko @HLeithner Thanks For Suggestions
Accordingly I had Done Here #44342
Could You Please Review This PR
Thanks