diff options
author | Mario <mario@mariovavti.com> | 2024-03-22 08:37:29 +0000 |
---|---|---|
committer | Mario <mario@mariovavti.com> | 2024-03-22 08:37:29 +0000 |
commit | 1aeb05628b6a2a069c46980efbe628362c9e3e74 (patch) | |
tree | e9aed15d0cd74e0c23dcb05c7be8fe9541efdf36 /vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform | |
parent | 5b7387459cf4de8f7354d81cb0392c4225714d94 (diff) | |
parent | b464fae3bf22585888c5f3def8eded76fd48ed16 (diff) | |
download | volse-hubzilla-9.0.tar.gz volse-hubzilla-9.0.tar.bz2 volse-hubzilla-9.0.zip |
Merge branch '9.0RC'9.0
Diffstat (limited to 'vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform')
-rw-r--r-- | vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php index dd63ea89c..cc30ab8c3 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetBlank.php @@ -33,7 +33,11 @@ class HTMLPurifier_AttrTransform_TargetBlank extends HTMLPurifier_AttrTransform // XXX Kind of inefficient $url = $this->parser->parse($attr['href']); - $scheme = $url->getSchemeObj($config, $context); + + // Ignore invalid schemes (e.g. `javascript:`) + if (!($scheme = $url->getSchemeObj($config, $context))) { + return $attr; + } if ($scheme->browsable && !$url->isBenign($config, $context)) { $attr['target'] = '_blank'; |