diff options
author | Robert Speicher <rspeicher@gmail.com> | 2016-02-23 20:40:31 -0500 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2016-02-23 20:42:03 -0500 |
commit | 989946f33717685065812d72e9ed4490fe969104 (patch) | |
tree | 871536ec2cbb9d929d5966afd93f514b81f0da65 /lib | |
parent | 4225fd229f8503c3007e07cbad2ccac319b2547b (diff) | |
download | gitlab-ce-rs-data-links.tar.gz |
Sanitize `vbscript:` linksrs-data-links
Closes https://dev.gitlab.org/gitlab/gitlabhq/issues/2660
Diffstat (limited to 'lib')
-rw-r--r-- | lib/banzai/filter/sanitization_filter.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb index c201ace8d35..abd79b329ae 100644 --- a/lib/banzai/filter/sanitization_filter.rb +++ b/lib/banzai/filter/sanitization_filter.rb @@ -7,6 +7,8 @@ module Banzai # # Extends HTML::Pipeline::SanitizationFilter with a custom whitelist. class SanitizationFilter < HTML::Pipeline::SanitizationFilter + UNSAFE_PROTOCOLS = %w(javascript :javascript data vbscript).freeze + def whitelist whitelist = super @@ -62,7 +64,7 @@ module Banzai return unless node.name == 'a' return unless node.has_attribute?('href') - if node['href'].start_with?('javascript', ':javascript', 'data') + if node['href'].start_with?(*UNSAFE_PROTOCOLS) node.remove_attribute('href') end end |