From 9ef8030535df0043e59c3bf667dac58ca9400589 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Tue, 3 Oct 2023 08:44:02 +0200 Subject: [PATCH] parser: make it clearer that we mark HTTP-like URLs always as safe we should make this controllable by the user for images, while modern browser are quite safe w.r.t. not transmitting to much info on cross origin requests, it still might be nicer if they have some control over this. Signed-off-by: Thomas Lamprecht
---
 src/Parser.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Parser.js b/src/Parser.js
index 04c8188..0238ef0 100644
--- a/src/Parser.js
+++ b/src/Parser.js
@@ -34,8 +34,8 @@ Ext.define('Proxmox.Markdown', {
 let safeURL = false;
 try {
 let url = new URL(value, window.location.origin);
+ safeURL = _isHTTPLike(url.protocol);
 if (
- _isHTTPLike(url.protocol) ||
 canonicalTagName === 'a' ||
 (canonicalTagName === 'img' && url.protocol.toLowerCase() === 'data:')
 ) {
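Review bot: The `canonicalTagName === 'a' ||` arm of this condition places no restriction on the URL scheme, so, assuming the branch body (which lies outside the hunk) sets `safeURL = true`, an anchor carrying a script-capable scheme such as `javascript:` would be treated as safe. Consider limiting anchors to an explicit scheme allowlist, e.g. `(canonicalTagName === 'a' && SAFE_LINK_SCHEMES.has(url.protocol)) ||`, where `SAFE_LINK_SCHEMES` is a placeholder for whatever set the project settles on. The new unconditional `safeURL = _isHTTPLike(url.protocol);` also means remote `img` sources are always accepted; the commit message's intent to make that user-controllable is worth recording next to that line as `// TODO: let the user decide whether remote images are loaded`.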