Fix DOMPurify paths.

Thanks to xet7 !

client/components/activities/activities.js

@@ -1,6 +1,6 @@
 import { ReactiveCache } from '/imports/reactiveCache';
 import DOMPurify from 'dompurify';
-import { sanitizeHTML, sanitizeText } from '/client/lib/secureDOMPurify';
+import { sanitizeHTML, sanitizeText } from '../../lib/secureDOMPurify';
 import { TAPi18n } from '/imports/i18n';
 
 const activitiesPerPage = 500;

client/components/cards/attachments.js

@@ -1,8 +1,8 @@
 import { ReactiveCache } from '/imports/reactiveCache';
 import { ObjectID } from 'bson';
 import DOMPurify from 'dompurify';
-import { sanitizeHTML, sanitizeText } from '/client/lib/secureDOMPurify';
-import uploadProgressManager from '/client/lib/uploadProgressManager';
+import { sanitizeHTML, sanitizeText } from '../../lib/secureDOMPurify';
+import uploadProgressManager from '../../lib/uploadProgressManager';
 
 const filesize = require('filesize');
 const prettyMilliseconds = require('pretty-ms');

client/components/cards/cardDetails.js

@@ -13,7 +13,7 @@ import { ALLOWED_COLORS } from '/config/const';
 import { UserAvatar } from '../users/userAvatar';
 import { DialogWithBoardSwimlaneList } from '/client/lib/dialogWithBoardSwimlaneList';
 import { handleFileUpload } from './attachments';
-import uploadProgressManager from '/client/lib/uploadProgressManager';
+import uploadProgressManager from '../../lib/uploadProgressManager';
 
 const subManager = new SubsManager();
 const { calculateIndexData } = Utils;

client/components/cards/minicard.js

@@ -2,7 +2,7 @@ import { ReactiveCache } from '/imports/reactiveCache';
 import { TAPi18n } from '/imports/i18n';
 import { CustomFieldStringTemplate } from '/client/lib/customFields';
 import { handleFileUpload } from './attachments';
-import uploadProgressManager from '/client/lib/uploadProgressManager';
+import uploadProgressManager from '../../lib/uploadProgressManager';
 
 // Template.cards.events({
 //   'click .member': Popup.open('cardMember')

client/components/main/editor.js

@@ -325,7 +325,7 @@ BlazeComponent.extendComponent({
 }).register('editor');
 
 import DOMPurify from 'dompurify';
-import { sanitizeHTML } from '/client/lib/secureDOMPurify';
+import { sanitizeHTML } from '../lib/secureDOMPurify';
 
 // Additional  safeAttrValue function to allow for other specific protocols
 // See https://github.com/leizongmin/js-xss/issues/52#issuecomment-241354114

models/cardComments.js

@@ -1,7 +1,7 @@
 import { ReactiveCache } from '/imports/reactiveCache';
 import escapeForRegex from 'escape-string-regexp';
 import DOMPurify from 'dompurify';
-import { sanitizeText } from '/client/lib/secureDOMPurify';
+import { sanitizeText } from '../client/lib/secureDOMPurify';
 
 CardComments = new Mongo.Collection('card_comments');
 

models/cards.js

@@ -1759,7 +1759,7 @@ Cards.helpers({
     // Sanitize title on client side as well
     let sanitizedTitle = title;
     if (typeof title === 'string') {
-      const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+      const { sanitizeTitle } = require('../server/lib/inputSanitizer');
       sanitizedTitle = sanitizeTitle(title);
       if (process.env.DEBUG === 'true' && sanitizedTitle !== title) {
         console.warn('Client-side sanitized card title:', title, '->', sanitizedTitle);
@@ -3575,7 +3575,7 @@ JsonRoutes.add('GET', '/api/boards/:boardId/cards_count', function(
       Authentication.checkBoardAccess(req.userId, paramBoardId);
 
       if (req.body.title) {
-        const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+        const { sanitizeTitle } = require('../server/lib/inputSanitizer');
         const newTitle = sanitizeTitle(req.body.title);
 
         if (process.env.DEBUG === 'true' && newTitle !== req.body.title) {

models/lists.js

@@ -315,7 +315,7 @@ Lists.mutations({
   rename(title) {
     // Sanitize title on client side as well
     if (typeof title === 'string') {
-      const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+      const { sanitizeTitle } = require('../server/lib/inputSanitizer');
       const sanitizedTitle = sanitizeTitle(title);
       if (process.env.DEBUG === 'true' && sanitizedTitle !== title) {
         console.warn('Client-side sanitized list title:', title, '->', sanitizedTitle);
@@ -653,7 +653,7 @@ if (Meteor.isServer) {
 
       // Update title if provided
       if (req.body.title) {
-        const { sanitizeTitle } = require('/server/lib/inputSanitizer');
+        const { sanitizeTitle } = require('../server/lib/inputSanitizer');
         const newTitle = sanitizeTitle(req.body.title);
 
         if (process.env.DEBUG === 'true' && newTitle !== req.body.title) {

packages/markdown/src/template-integration.js

@@ -1,5 +1,5 @@
 import DOMPurify from 'dompurify';
-import { getSecureDOMPurifyConfig } from '/client/lib/secureDOMPurify';
+import { getSecureDOMPurifyConfig } from '../../../client/lib/secureDOMPurify';
 
 var Markdown = require('markdown-it')({
   html: true,