proxmox-mirrors/proxmox-widget-toolkit
1
0
Fork 1
mirror of https://git.proxmox.com/git/proxmox-widget-toolkit synced 2025-05-22 15:15:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix #4756: markdown notes: allow any valid URL for a tags

Browse Source 
As anchor elements cannot load things into the current browsing
context and are not necessarily more dangerous to users compared to
HTTP(S) links, which we allowed since adding markdown rendering in
the first place.

Allows adding short-cuts for virtual guest resources, like RDP or SSH
links.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2023-06-03 12:25:36 +02:00
parent b0c7069a10
commit 5cbbb9c44a
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Parser.js
View File

@ -34,6 +34,7 @@ Ext.define('Proxmox.Markdown', {
let url = new URL(value, window.location.origin);
if (
_isHTTPLike(url.protocol) ||
node.tagName.toLowerCase() === 'a' ||
(node.tagName.toLowerCase() === 'img' && url.protocol.toLowerCase() === 'data:')
) {
node.attributes[i].value = url.href;