tweak sanitizeUrl() (#1703)

* tweak sanitizeUrl()

* add test
Matthias Kretschmann 2022-09-23 10:05:52 +01:00 committed by GitHub
parent 92b7063b3d
commit 228ff19056
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 7 deletions

9
src/@utils/url.test.ts Normal file

@ -0,0 +1,9 @@
import { sanitizeUrl } from './url'
describe('@utils/url', () => {
test('sanitizeUrl', () => {
expect(sanitizeUrl('http://example.com')).toBe('http://example.com')
expect(sanitizeUrl('https://example.com')).toBe('https://example.com')
expect(sanitizeUrl('ftp://example.com')).toBe('about:blank')
})
})
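Review bot: The `sanitizeUrl` test pins only three inputs, and none of them is one of the schemes the guard was written for: the `javascript:`, `data:` and `vbscript:` prefixes that the old implementation rejected are never asserted against the new allow-list. Mixed-case and whitespace-padded input, which the `trim().toLowerCase()` step exists for, is also untested, as is a value containing a malformed percent escape. I would add cases such as `expect(sanitizeUrl('JavaScript:void(0)')).toBe('about:blank')` and `expect(sanitizeUrl('data:text/html,x')).toBe('about:blank')`, so that a later return to a deny-list or a regression in the normalisation fails the suite.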


@ -1,10 +1,5 @@
export function sanitizeUrl(url: string) {
const u = decodeURI(url).trim().toLowerCase()
if (
u.startsWith('javascript:') ||
u.startsWith('data:') ||
u.startsWith('vbscript:')
)
return 'about:blank'
return url
const isAllowedUrlScheme = u.startsWith('http://') || u.startsWith('https://')
return isAllowedUrlScheme ? url : 'about:blank'
}
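Review bot: `decodeURI(url)` on the second line of `sanitizeUrl` throws a `URIError` for a malformed percent escape (a lone `%`, for example), so untrusted input can surface as an exception in the caller instead of `'about:blank'`. With an allow-list the decode step is no longer needed, and it makes the check run on a different string from the one returned: an input whose scheme letters are percent-encoded passes the `http://` test after decoding but is handed back in its raw form. I would test the raw value with `const u = url.trim().toLowerCase()`, or wrap the decode in a `try`/`catch` that returns `'about:blank'`. An explicit `: string` return type and a short TSDoc comment would make the contract visible to callers; the comment should say that anything not starting with `http://` or `https://`, relative URLs and `mailto:` links included, becomes `about:blank`.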