added data: link fix to prevent xss

markedjs · Jan 19, 2017 · cd2f6f5 · cd2f6f5
1 parent 38f1727
commit cd2f6f5
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/lib/marked.js b/lib/marked.js
@@ -875,7 +875,7 @@ Renderer.prototype.link = function(href, title, text) {
     } catch (e) {
       return '';
     }
-    if (prot.indexOf('javascript:') === 0 || prot.indexOf('vbscript:') === 0) {
+    if (prot.indexOf('javascript:') === 0 || prot.indexOf('vbscript:') === 0 || prot.indexOf('data:') === 0) {
       return '';
     }
   }

diff --git a/test/tests/links.sanitize.html b/test/tests/links.sanitize.html
@@ -1,4 +1,5 @@
 <p></p>
 <p></p>
 <p></p>
+<p></p>
 <p></p>
diff --git a/test/tests/links.sanitize.text b/test/tests/links.sanitize.text
@@ -4,4 +4,6 @@
 
 [URL](javascript&colon;alert&#40;1&#41;)
 
-[URL](javascript&#58document;alert&#40;1&#41;)
+[URL](javascript&#58document;alert&#40;1&#41;)
+
+[URL](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)