
Security: Ensure Markdown links that contain single quotes are correctly escaped

This commit is contained in:
Laurent Cozic 2021-11-08 15:38:44 +00:00
parent b328094033
commit 75256613cc
2 changed files with 8 additions and 1 deletions


@ -12,6 +12,13 @@ describe('linkReplacement', () => {
expect(r).toBe('<a data-from-md href=\'https://example.com/test\'>');
});
test('should handle non-resource links with single quotes in it', () => {
// Handles a link such as:
// [Google](https://www.goo'onclick=javascript:alert(/1/);f=')
const r = linkReplacement('https://www.goo\'onclick=javascript:alert(/1/);f=\'', { linkRenderingType: 1 }).html;
expect(r).toBe('<a data-from-md href=\'https://www.goo&apos;onclick=javascript:alert(/1/);f=&apos;\' onclick=\'postMessage("https://www.goo%27onclick=javascript:alert(/1/);f=%27", { resourceId: "" }); return false;\'>');
});
test('should handle resource links - downloaded status', () => {
const resourceId = 'f6afba55bdf74568ac94f8d1e3578d2c';
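Review bot: The new test pins only the single-quote payload, so a later change to `htmlentities` that stops encoding `"`, `<`, `>` or `&` would still pass this suite; a sibling case such as `linkReplacement('https://example.com/a"b&c<d', { linkRenderingType: 1 }).html` asserting that none of those characters appear verbatim inside the `href='…'` attribute would close that gap. The expected string also hard-codes the entire `onclick` handler, so any unrelated change to the postMessage wiring fails this test for a reason other than escaping — asserting the href with `expect(r).toContain('href=\'https://www.goo&apos;onclick=javascript:alert(/1/);f=&apos;\'')` and the handler separately would keep each assertion focused. The `describe('linkReplacement', …)` block starts before and continues past this hunk.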


@ -122,7 +122,7 @@ export default function(href: string, options: Options = null): LinkReplacementR
icon = '';
attrHtml.push(`href='${htmlentities(href)}'`);
} else {
attrHtml.push(`href='${hrefAttr}'`);
attrHtml.push(`href='${htmlentities(hrefAttr)}'`);
if (js) attrHtml.push(js);
}
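Review bot: The new line escapes `hrefAttr` for the attribute context, but nothing at the call site records why, and the parallel `htmlentities(href)` branch above is equally unexplained, so the call is easy to "simplify" away again; a one-liner such as `// Attribute context: a raw ' in the URL would terminate the single-quoted href (see the single-quote regression test).` would anchor the fix. `js` is pushed unescaped on the following line; it is built outside this hunk, and the test in the other file shows the URL inside its `postMessage("…")` percent-encoded (`%27`), so it is presumably handled there, but that path deserves the same kind of regression test since it lives in the same single-quoted attribute. The enclosing function begins before and ends after the hunk.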