Merge pull request #714 from geonetwork/backport/706-to-2.0.x

[Backport 2.0.x] fix(DH): Prevent XSS attacks

libs/ui/elements/src/lib/metadata-info/metadata-info.component.html

@@ -8,7 +8,7 @@
   <gn-ui-content-ghost ghostClass="h-32" [showContent]="fieldReady('abstract')">
     <p
       class="whitespace-pre-line break-words"
-      [innerHTML]="metadata.abstract | safe: 'html'"
+      [innerHTML]="metadata.abstract"
       *ngIf="metadata.abstract"
     ></p>
   </gn-ui-content-ghost>

libs/ui/elements/src/lib/thumbnail/thumbnail.component.html

@@ -12,7 +12,7 @@
     alt="thumbnail"
     loading="lazy"
     (load)="setObjectFit()"
-    [src]="imgUrl | safe: 'url'"
+    [src]="imgUrl"
     (error)="useFallback()"
   />
 </div>

libs/util/shared/src/index.ts

@@ -2,3 +2,4 @@ export * from './lib/util-shared.module'
 export * from './lib/services'
 export * from './lib/utils/'
 export * from './lib/links'
+export * from './lib/image-fallback.directive'

libs/util/shared/src/lib/util-shared.module.ts

@@ -1,11 +1,10 @@
 import { NgModule } from '@angular/core'
-import { SafePipe } from './pipes/SafePipe'
 import { CommonModule } from '@angular/common'
 import { ImageFallbackDirective } from './image-fallback.directive'
 
 @NgModule({
-  declarations: [SafePipe, ImageFallbackDirective],
+  declarations: [ImageFallbackDirective],
   imports: [CommonModule],
-  exports: [SafePipe, ImageFallbackDirective],
+  exports: [ImageFallbackDirective],
 })
 export class UtilSharedModule {}