Skip to content

Commit 66a8d84

Browse files
committed
fix: constrain canonical head links to safe attributes
Nuxt recommends useHeadSafe when head data is derived from input because it restricts rendered head fields to a safe attribute whitelist. The canonical composable builds links from route and optional content-derived markdown paths, and useHeadSafe still allows the rel, href, type, and related link attributes this helper emits. Docs: https://nuxt.com/docs/4.x/api/composables/use-head-safe
1 parent abfe02b commit 66a8d84

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

app/composables/useCanonical.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ export function useCanonical(markdownAlternate?: MaybeRefOrGetter<string | null
1010
const route = useRoute()
1111
const site = useSiteConfig()
1212

13-
useHead({
13+
useHeadSafe({
1414
link: computed(() => {
1515
const links: Link[] = [
1616
{ rel: 'canonical', href: joinURL(site.url, route.path) }

0 commit comments

Comments
 (0)