smig/excalidraw
1
0
Fork 0
mirror of https://github.com/excalidraw/excalidraw.git synced 2025-05-03 10:00:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: parse embeddable srcdoc urls strictly (#7884)

Browse source
This commit is contained in:
David Luzar 2024-04-12 20:51:17 +02:00 committed by GitHub
parent 4689a6b300
commit afcde542f9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 26 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

6
packages/excalidraw/data/url.ts
View file

@ -1,11 +1,15 @@
import { sanitizeUrl } from "@braintree/sanitize-url";
export const sanitizeHTMLAttribute = (html: string) => {
return html.replace(/"/g, """);
};
export const normalizeLink = (link: string) => {
link = link.trim();
if (!link) {
return link;
}
return sanitizeUrl(link);
return sanitizeUrl(sanitizeHTMLAttribute(link));
};
export const isLocalLink = (link: string | null) => {