fix: refuse to render non-string Markdown field values (via #5295)

Author: shockey

src/core/components/providers/markdown.jsx

@@ -19,6 +19,10 @@ DomPurify.addHook("beforeSanitizeElements", function (current, ) {
 const isPlainText = (str) => /^[A-Z\s0-9!?\.]+$/gi.test(str)
 
 function Markdown({ source, className = "" }) {
+    if (typeof source !== "string") {
+      return null
+    }
+
     if(isPlainText(source)) {
       // If the source text is not Markdown,
       // let's save some time and just render it.

src/core/plugins/oas3/wrap-components/markdown.jsx

@@ -10,6 +10,10 @@ parser.block.ruler.enable(["table"])
 parser.set({ linkTarget: "_blank" })
 
 export const Markdown = ({ source, className = "" }) => {
+  if(typeof source !== "string") {
+    return null
+  }
+  
   if ( source ) {
     const html = parser.render(source)
     const sanitized = sanitizer(html)