[WO-03-002] Fix Insecure Regex Usage on DOMPurify Sanitizer Output (Medium)
parent
55406cf7e8
commit
246d19b76e
@ -46,7 +46,8 @@
|
||||
"Lawnchair",
|
||||
"_",
|
||||
"openpgp",
|
||||
"PhoneNumber"
|
||||
"PhoneNumber",
|
||||
"DOMPurify"
|
||||
],
|
||||
|
||||
"globals": {}
|
||||
|
@ -39,7 +39,7 @@
|
||||
"browsersmtp": "https://github.com/whiteout-io/browsersmtp/tarball/master",
|
||||
"chai": "~1.9.2",
|
||||
"crypto-lib": "~0.2.1",
|
||||
"dompurify": "~0.4.2",
|
||||
"dompurify": "~0.6.3",
|
||||
"grunt": "~0.4.1",
|
||||
"grunt-angular-templates": "~0.5.7",
|
||||
"grunt-autoprefixer": "~0.7.2",
|
||||
@ -78,4 +78,4 @@
|
||||
"assemble": "~0.4.42",
|
||||
"handlebars-helper-compose": "~0.2.12"
|
||||
}
|
||||
}
|
||||
}
|
@ -1,5 +1,13 @@
|
||||
'use strict';
|
||||
|
||||
// add DOMPurify hook to sanitze attributes
|
||||
DOMPurify.addHook('afterSanitizeAttributes', function(node) {
|
||||
// open all links in a new window
|
||||
if ('target' in node) {
|
||||
node.setAttribute('target', '_blank');
|
||||
}
|
||||
});
|
||||
|
||||
// set listener for event from main window
|
||||
window.onmessage = function(e) {
|
||||
var html = '';
|
||||
@ -13,19 +21,16 @@ window.onmessage = function(e) {
|
||||
}
|
||||
|
||||
// sanitize HTML content: https://github.com/cure53/DOMPurify
|
||||
html = window.DOMPurify.sanitize(html);
|
||||
// make links open in a new window
|
||||
html = html.replace(/<a /g, '<a target="_blank" ');
|
||||
|
||||
// remove sources where necessary
|
||||
if (e.data.removeImages) {
|
||||
html = html.replace(/(<img[^>]+\b)src=['"][^'">]+['"]/ig, function(match, prefix) {
|
||||
return prefix;
|
||||
// remove http leaks
|
||||
document.body.innerHTML = DOMPurify.sanitize(html, {
|
||||
FORBID_TAGS: ['style', 'svg', 'audio', 'video'],
|
||||
FORBID_ATTR: ['src']
|
||||
});
|
||||
} else {
|
||||
document.body.innerHTML = DOMPurify.sanitize(html);
|
||||
}
|
||||
|
||||
document.body.innerHTML = html;
|
||||
|
||||
attachClickHandlers();
|
||||
};
|
||||
|
||||
|
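Review bot: The `afterSanitizeAttributes` hook in the first hunk forces `target="_blank"` on every node that has a `target` property but sets no `rel`, so a page opened from a mail link may receive a `window.opener` reference back to the viewer frame, depending on the browser and on the frame's sandbox flags, which are not visible here. Adding `node.setAttribute('rel', 'noopener noreferrer');` next to the `target` line closes that off and also stops the referrer from being sent. Separately, in the `removeImages` branch of the second hunk, `FORBID_ATTR: ['src']` covers only `src`; if the DOMPurify allow-list at this version permits attributes such as `style`, `background`, `srcset` or `poster`, those could still fetch remote content, so it is worth confirming against the bundled version and extending the list if needed. The body of the `window.onmessage` handler starts outside the second hunk.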