mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-12-23 14:29:29 -05:00
Sanitize output from Helper.urls2links
This commit is contained in:
parent
25a39148a8
commit
5f0011b0f6
@ -405,9 +405,11 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
||||
me.urls2links = function(element)
|
||||
{
|
||||
element.html(
|
||||
element.html().replace(
|
||||
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
|
||||
'<a href="$1" rel="nofollow">$1</a>'
|
||||
DOMPurify.sanitize(
|
||||
element.html().replace(
|
||||
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
|
||||
'<a href="$1" rel="nofollow">$1</a>'
|
||||
)
|
||||
)
|
||||
);
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user