Sanitize `vbscript:` linksrs-data-links

Closes https://dev.gitlab.org/gitlab/gitlabhq/issues/2660
author: Robert Speicher <rspeicher@gmail.com> 2016-02-23 20:40:31 -0500
committer: Robert Speicher <rspeicher@gmail.com> 2016-02-23 20:42:03 -0500
commit: 989946f33717685065812d72e9ed4490fe969104 (patch)
tree: 871536ec2cbb9d929d5966afd93f514b81f0da65 /lib/banzai
parent: 4225fd229f8503c3007e07cbad2ccac319b2547b (diff)
download: gitlab-ce-989946f33717685065812d72e9ed4490fe969104.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb
index c201ace8d35..abd79b329ae 100644
--- a/lib/banzai/filter/sanitization_filter.rb
+++ b/lib/banzai/filter/sanitization_filter.rb
@@ -7,6 +7,8 @@ module Banzai
     #
     # Extends HTML::Pipeline::SanitizationFilter with a custom whitelist.
     class SanitizationFilter < HTML::Pipeline::SanitizationFilter
+      UNSAFE_PROTOCOLS = %w(javascript :javascript data vbscript).freeze
+
       def whitelist
         whitelist = super
 
@@ -62,7 +64,7 @@ module Banzai
           return unless node.name == 'a'
           return unless node.has_attribute?('href')
 
-          if node['href'].start_with?('javascript', ':javascript', 'data')
+          if node['href'].start_with?(*UNSAFE_PROTOCOLS)
             node.remove_attribute('href')
           end
         end
author	Robert Speicher <rspeicher@gmail.com>	2016-02-23 20:40:31 -0500
committer	Robert Speicher <rspeicher@gmail.com>	2016-02-23 20:42:03 -0500
commit	989946f33717685065812d72e9ed4490fe969104 (patch)
tree	871536ec2cbb9d929d5966afd93f514b81f0da65 /lib/banzai
parent	4225fd229f8503c3007e07cbad2ccac319b2547b (diff)
download	gitlab-ce-989946f33717685065812d72e9ed4490fe969104.tar.gz