1
0
mirror of https://github.com/laurent22/joplin.git synced 2024-12-24 10:27:10 +02:00

Desktop: Security: Improve Markdown viewer link handling (#11201)

This commit is contained in:
Henry Heino 2024-10-14 09:51:28 -07:00 committed by GitHub
parent 26ae3f853e
commit 1a195e23dd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -733,6 +733,13 @@
}));
document.addEventListener('click', webviewLib.logEnabledEventHandler(e => {
// Links should all have custom click handlers. Allowing Electron to load custom links
// can cause security issues, particularly if these links have the same domain as the
// top-level page.
if (e.target.hasAttribute('href')) {
e.preventDefault();
}
document.querySelectorAll('.media-pdf').forEach(element => {
if(!!element.contentWindow){
element.contentWindow.postMessage({