scottk/chatwoot
1
0
Fork 0
mirror of https://github.com/lingble/chatwoot.git synced 2025-11-03 20:48:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Render links with target attribute (#4685)

Browse Source
This commit is contained in:
Pranav Raj S
2022-05-16 11:29:05 +05:30
committed by GitHub
parent 2060f270d3
commit 45e2cd4903
6 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/javascript/shared/helpers/MessageFormatter.js
View File

@@ -1,6 +1,6 @@
import { marked } from 'marked';
import DOMPurify from 'dompurify';
import { escapeHtml } from './HTMLSanitizer';
import { escapeHtml, afterSanitizeAttributes } from './HTMLSanitizer';
const TWITTER_USERNAME_REGEX = /(^|[^@\w])@(\w{1,15})\b/g;
const TWITTER_USERNAME_REPLACEMENT =
@@ -48,9 +48,7 @@ class MessageFormatter {
const markedDownOutput = marked(withHash);
return markedDownOutput;
}
DOMPurify.addHook('afterSanitizeAttributes', node => {
if ('target' in node) node.setAttribute('target', '_blank');
});
DOMPurify.addHook('afterSanitizeAttributes', afterSanitizeAttributes);
return DOMPurify.sanitize(
marked(this.message, { breaks: true, gfm: true })
);