0
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-11-30 03:40:08 +01:00
gitea/modules/markup
KN4CK3R 8af96f585f
Disallow dangerous url schemes (#25960)
Regression: https://github.com/go-gitea/gitea/pull/24805
Closes: #25945

- Disallow `javascript`, `vbscript` and `data` (data uri images still
work) url schemes even if all other schemes are allowed
- Fixed older `cbthunderlink` tests

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-18 15:18:37 +00:00
..
asciicast
common
console
csv
external
markdown
mdstripper
orgmode
camo_test.go
camo.go
html_internal_test.go
html_test.go
html.go
renderer_test.go
renderer.go
sanitizer_test.go Disallow dangerous url schemes (#25960) 2023-07-18 15:18:37 +00:00
sanitizer.go Disallow dangerous url schemes (#25960) 2023-07-18 15:18:37 +00:00