Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: isExternal check with malformed URL + tests #1510

Merged
merged 2 commits into from
Feb 18, 2021
Merged

fix: isExternal check with malformed URL + tests #1510

merged 2 commits into from
Feb 18, 2021

Conversation

jhildenbiddle
Copy link
Member

@jhildenbiddle jhildenbiddle commented Feb 14, 2021
edited
Loading

Fix #1477. Fix #1126. Follow-up to #1489.

Summary

Handles malformed remote URLs that contain more than two forward slashes (e.g., ////////domain.com/file.md)

What kind of change does this PR introduce? (check at least one)

  • Bugfix

Does this PR introduce a breaking change? (check one)

  • Yes
  • No

You have tested in the following browsers: (Providing a detailed version will be better.)

  • Chrome
  • Firefox
  • Safari
  • Edge
  • IE

@vercel
Copy link

vercel bot commented Feb 14, 2021
edited
Loading

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/docsify-core/docsify-preview/fdto751ms
✅ Preview: https://docsify-preview-git-fix-xss.docsify-core.vercel.app

@codesandbox-ci
Copy link

codesandbox-ci bot commented Feb 14, 2021
edited
Loading

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

Latest deployment of this branch, based on commit 10d302f:

Sandbox Source
docsify-template Configuration

@jhildenbiddle
Copy link
Member Author

jhildenbiddle commented Feb 14, 2021
edited
Loading

Closing #1509 in favor of this PR which 1) fixes the regular expression used in isExternal and 2) includes e2e tests.

@jhildenbiddle jhildenbiddle mentioned this pull request Feb 14, 2021
Closed
19 tasks
@jhildenbiddle jhildenbiddle requested a review from a team February 15, 2021 00:07
Koooooo-7
Koooooo-7 approved these changes Feb 15, 2021
View reviewed changes
Copy link
Member

@Koooooo-7 Koooooo-7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@Koooooo-7 Koooooo-7 requested a review from a team February 15, 2021 07:02
@Koooooo-7 Koooooo-7 merged commit ff2a66f into develop Feb 18, 2021
@Koooooo-7 Koooooo-7 mentioned this pull request Feb 18, 2021
Merged
19 tasks
@sy-records sy-records deleted the fix-xss branch February 18, 2021 14:45
@sy-records sy-records mentioned this pull request Mar 5, 2021
Merged
1 task
@anikethsaha anikethsaha mentioned this pull request Mar 8, 2021
Closed
This was referenced Mar 9, 2021
Merged
Open
Closed
Merged
@dependabot dependabot bot mentioned this pull request Mar 17, 2021
Merged
@snyk-bot snyk-bot mentioned this pull request Mar 23, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sy-records sy-records sy-records approved these changes

@Koooooo-7 Koooooo-7 Koooooo-7 approved these changes

@anikethsaha anikethsaha Awaiting requested review from anikethsaha

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Security Vulnerability vulnerability report
3 participants
@jhildenbiddle @Koooooo-7 @sy-records