fix: improper neutralization of user input in image wrapping code

Julian Lam
2023-06-13 11:55:13 -04:00
committed by Barış Soner Uşaklı
parent b450689705
commit 88c9d9d152


@@ -3,28 +3,26 @@
define('forum/topic/images', [], function () {
const Images = {};
const suffixRegex = /-resized(\.[\w]+)?$/;
Images.wrapImagesInLinks = function (posts) {
posts.find('[component="post/content"] img:not(.emoji)').each(function () {
const $this = $(this);
let src = $this.attr('src') || '';
const alt = $this.attr('alt') || '';
const suffixRegex = /-resized(\.[\w]+)?$/;
if (src === 'about:blank') {
return;
}
if (utils.isRelativeUrl(src) && suffixRegex.test(src)) {
src = src.replace(suffixRegex, '$1');
}
const srcExt = src.split('.').slice(1).pop();
const altFilename = alt.split('/').pop();
const altExt = altFilename.split('.').slice(1).pop();
if (!$this.parent().is('a')) {
if (utils.isRelativeUrl(src) && suffixRegex.test(src)) {
src = src.replace(suffixRegex, '$1');
}
const alt = $this.attr('alt') || '';
const srcExt = src.split('.').slice(1).pop();
const altFilename = alt.split('/').pop();
const altExt = altFilename.split('.').slice(1).pop();
$this.wrap('<a href="' + src + '" ' +
(!srcExt && altExt ? ' download="' + altFilename + '" ' : '') +
(!srcExt && altExt ? ' download="' + utils.escapeHTML(altFilename) + '" ' : '') +
' target="_blank" rel="noopener">');
}
});
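Review bot: The `href` value in the same `$this.wrap(...)` call is still built by concatenating `src` unescaped, so the neutralization added here covers only the `download` attribute. `src` is read back with `$this.attr('src')`, which returns the decoded attribute value, so unless the server-side sanitizer already rules it out, a double quote in it would terminate the `href` attribute in the generated markup, just as `altFilename` could before this change. I would escape it the same way, `$this.wrap('<a href="' + utils.escapeHTML(src) + '" ' +`, or build the wrapper with `$('<a>').attr({ href: src, target: '_blank', rel: 'noopener' })` so that no attribute is assembled from strings. The body of `Images.wrapImagesInLinks` continues past the end of this hunk, so any later handling of `src` is not visible here.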