Public-Mirrors
/
markdown-it
mirror of https://github.com/markdown-it/markdown-it.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

validateLink: expand entities before trimming and lowercasing

pull/47/head
opennota 9 years ago
parent
bd4b21363e
commit
7da4d5e81b
2 changed files with 10 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      lib/parser_inline.js
  2. 7
      test/fixtures/markdown-it/xss.txt

6
lib/parser_inline.js
View File

@ -30,10 +30,10 @@ var _rules = [
var BAD_PROTOCOLS = [ 'vbscript', 'javascript', 'file' ];
function validateLink(url) {
var str = url.trim().toLowerCase();
// Care about digital entities "javascript:alert(1)"
str = replaceEntities(str);
var str = replaceEntities(url);
str = str.trim().toLowerCase();
if (str.indexOf(':') >= 0 && BAD_PROTOCOLS.indexOf(str.split(':')[0]) >= 0) {
return false;

7
test/fixtures/markdown-it/xss.txt
View File

@ -29,8 +29,15 @@ Should not allow some protocols in links and images
.
[xss link]("><script>alert("xss")</script>)
[xss link](Javascript:alert(1))
[xss link](Javascript:alert(1))
.
<p><a href="%22%3E%3Cscript%3Ealert(%22xss%22)%3C/script%3E">xss link</a></p>
<p>[xss link](Javascript:alert(1))</p>
<p>[xss link](&amp;#74;avascript:alert(1))</p>
.
.

Write Preview
Loading…
Cancel
Save