mirror of
https://github.com/revoltchat/revite.git
synced 2024-11-28 18:00:59 -05:00
Fix Link Whitelist issue
This commit is contained in:
parent
5b6546b761
commit
6cc3329b26
1 changed files with 1 additions and 28 deletions
|
@ -20,31 +20,6 @@ const ALLOWED_ORIGINS = [
|
|||
"rolt.chat",
|
||||
];
|
||||
|
||||
/**
|
||||
* Permissible protocols in URLs
|
||||
*/
|
||||
const PROTOCOL_WHITELIST = [
|
||||
"http:",
|
||||
"https:",
|
||||
"ftp:",
|
||||
"ftps:",
|
||||
"mailto:",
|
||||
"news:",
|
||||
"irc:",
|
||||
"gopher:",
|
||||
"nntp:",
|
||||
"feed:",
|
||||
"telnet:",
|
||||
"mms:",
|
||||
"rtsp:",
|
||||
"svn:",
|
||||
"git:",
|
||||
"tel:",
|
||||
"fax:",
|
||||
"xmpp:",
|
||||
"magnet:",
|
||||
];
|
||||
|
||||
/**
|
||||
* Determine what kind of link we are dealing with and sanitise any malicious input
|
||||
* @param href Input URL
|
||||
|
@ -65,11 +40,9 @@ export function determineLink(href?: string): LinkType {
|
|||
} catch (err) {}
|
||||
|
||||
if (!internal && url) {
|
||||
if (PROTOCOL_WHITELIST.includes(url.protocol)) {
|
||||
return { type: "external", href, url };
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return { type: "none" };
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue