self-hosted/joplin
1
0
Fork 0
mirror of https://github.com/laurent22/joplin.git synced 2024-11-24 08:12:24 +02:00
Code Issues Releases Activity

All: Fixes #8286: Allow certain HTML anchor tags

Browse Source
This commit is contained in:
Laurent Cozic 2023-06-08 15:18:46 +01:00
parent 0c6f779aab
commit 98440beffa
3 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
packages/app-cli/tests/md_to_html/sanitize_17.html Normal file
View File

@ -0,0 +1 @@
<a href="#top" class="jop-noMdConv">⬆️</a>

1
packages/app-cli/tests/md_to_html/sanitize_17.md Normal file
View File

@ -0,0 +1 @@
<a href="#top">⬆️</a>

7
packages/renderer/htmlUtils.ts
View File

@ -157,7 +157,12 @@ class HtmlUtils {
private isAcceptedUrl(url: string): boolean {
url = url.toLowerCase();
return url.startsWith('https://') || url.startsWith('http://') || url.startsWith('mailto://');
return url.startsWith('https://') ||
url.startsWith('http://') ||
url.startsWith('mailto://') ||
// We also allow anchors but only with a specific set of a characters.
// Fixes https://github.com/laurent22/joplin/issues/8286
!!url.match(/^#[a-zA-Z0-9-]+$/);
}
public sanitizeHtml(html: string, options: SanitizeHtmlOptions = null) {