fix: 프론트엔드 1단계 — XSS 수정 + Svelte 5 변환 + 필터/아이콘/a11y

- [critical] DOMPurify 적용 (FORBID_TAGS/ATTR, ALLOW_UNKNOWN_PROTOCOLS) - [high] $: → $derived 변환 (documents/[id]) - [high] 태그/소스 필터 구현 (filterTag, filterSource) - FormatIcon: docx/xlsx/pptx/odt/ods/odp/dwg/dxf 추가 - editTab 선언 순서 수정 - debounceTimer 미사용 변수 제거 - Toast role="status" aria-live 추가 - marked 옵션: mangle/headerIds false Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 12:15:02 +09:00
parent 24142ea605
commit 3374eebfc6
7 changed files with 2296 additions and 13 deletions
--- a/frontend/src/routes/+layout.svelte
+++ b/frontend/src/routes/+layout.svelte
@@ -113,7 +113,7 @@
 {/if}

 <!-- Toast -->
-<div class="fixed top-4 right-4 z-50 flex flex-col gap-2 max-w-sm">
+<div class="fixed top-4 right-4 z-50 flex flex-col gap-2 max-w-sm" role="status" aria-live="polite">
  {#each $toasts as toast (toast.id)}
    <button
      class="px-4 py-3 rounded-lg shadow-lg text-sm flex items-center gap-2 cursor-pointer text-left"