HMC/handmade-revolt
2
0
Fork 0
forked from abner/for-legacy-web
Code Pull Requests Actions Activity

Explicitly deny bad URLs.

Browse Source 
Fixes #252.
Handle embed untrusted links better.
This commit is contained in:
Paul
2021-09-25 10:54:32 +01:00
parent 66289911ba
commit 81379d6ec4
5 changed files with 26 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/lib/links.ts
View File

@@ -52,7 +52,9 @@ export function determineLink(href?: string): LinkType {
} catch (err) {}
if (!internal && url) {
return { type: "external", href, url };
if (url.protocol !== "javascript") {
return { type: "external", href, url };
}
}
}