Merge branch '9.0RC'9.0

author: Mario <mario@mariovavti.com> 2024-03-22 08:37:29 +0000
committer: Mario <mario@mariovavti.com> 2024-03-22 08:37:29 +0000
commit: 1aeb05628b6a2a069c46980efbe628362c9e3e74 (patch)
tree: e9aed15d0cd74e0c23dcb05c7be8fe9541efdf36 /vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php
parent: 5b7387459cf4de8f7354d81cb0392c4225714d94 (diff)
parent: b464fae3bf22585888c5f3def8eded76fd48ed16 (diff)
download: volse-hubzilla-9.0.tar.gz
volse-hubzilla-9.0.tar.bz2
volse-hubzilla-9.0.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php
index dd63ea89c..cc30ab8c3 100644
--- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php
+++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php
@@ -33,7 +33,11 @@ class HTMLPurifier_AttrTransform_TargetBlank extends HTMLPurifier_AttrTransform
 
         // XXX Kind of inefficient
         $url = $this->parser->parse($attr['href']);
-        $scheme = $url->getSchemeObj($config, $context);
+        
+        // Ignore invalid schemes (e.g. `javascript:`)
+        if (!($scheme = $url->getSchemeObj($config, $context))) {
+            return $attr;
+        }
 
         if ($scheme->browsable && !$url->isBenign($config, $context)) {
             $attr['target'] = '_blank';
author	Mario <mario@mariovavti.com>	2024-03-22 08:37:29 +0000
committer	Mario <mario@mariovavti.com>	2024-03-22 08:37:29 +0000
commit	1aeb05628b6a2a069c46980efbe628362c9e3e74 (patch)
tree	e9aed15d0cd74e0c23dcb05c7be8fe9541efdf36 /vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php
parent	5b7387459cf4de8f7354d81cb0392c4225714d94 (diff)
parent	b464fae3bf22585888c5f3def8eded76fd48ed16 (diff)
download	volse-hubzilla-9.0.tar.gz volse-hubzilla-9.0.tar.bz2 volse-hubzilla-9.0.zip