Skip to content

Commit

Permalink
Merge pull request #4933 from REVERB283/bug/4716_fix_target_blank_get…
Browse files Browse the repository at this point in the history
…ting_sanitized

fix: target blank removed from anchor tag
  • Loading branch information
sidharthv96 authored Nov 9, 2023
2 parents 72038a6 + 3394541 commit ee49c4b
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 1 deletion.
12 changes: 12 additions & 0 deletions cypress/integration/rendering/classDiagram.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -501,4 +501,16 @@ describe('Class diagram', () => {
B : -methods()
`);
});

it('should handle notes with anchor tag having target attribute', () => {
renderGraph(
`classDiagram
class test { }
note for test "<a href='https://mermaid.js.org/' target="_blank"><code>note about mermaid</code></a>"`
);

cy.get('svg').then((svg) => {
cy.get('a').should('have.attr', 'target', '_blank').should('have.attr', 'rel', 'noopener');
});
});
});
14 changes: 14 additions & 0 deletions packages/mermaid/src/diagrams/common/common.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,20 @@ describe('when securityLevel is antiscript, all script must be removed', () => {
compareRemoveScript(`<img onerror="alert('hello');">`, `<img>`);
});

it('should detect unsecured target attribute, if value is _blank then generate a secured link', () => {
compareRemoveScript(
`<a href="https://mermaid.js.org/" target="_blank">note about mermaid</a>`,
`<a href="https://mermaid.js.org/" target="_blank" rel="noopener">note about mermaid</a>`
);
});

it('should detect unsecured target attribute from links', () => {
compareRemoveScript(
`<a href="https://mermaid.js.org/" target="_self">note about mermaid</a>`,
`<a href="https://mermaid.js.org/" target="_self">note about mermaid</a>`
);
});

it('should detect iframes', () => {
compareRemoveScript(
`<iframe src="http://abc.com/script1.js"></iframe>
Expand Down
22 changes: 21 additions & 1 deletion packages/mermaid/src/diagrams/common/common.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,27 @@ export const getRows = (s?: string): string[] => {
* @returns The safer text
*/
export const removeScript = (txt: string): string => {
return DOMPurify.sanitize(txt);
const TEMPORARY_ATTRIBUTE = 'data-temp-href-target';

DOMPurify.addHook('beforeSanitizeAttributes', (node: Element) => {
if (node.tagName === 'A' && node.hasAttribute('target')) {
node.setAttribute(TEMPORARY_ATTRIBUTE, node.getAttribute('target') || '');
}
});

const sanitizedText = DOMPurify.sanitize(txt);

DOMPurify.addHook('afterSanitizeAttributes', (node: Element) => {
if (node.tagName === 'A' && node.hasAttribute(TEMPORARY_ATTRIBUTE)) {
node.setAttribute('target', node.getAttribute(TEMPORARY_ATTRIBUTE) || '');
node.removeAttribute(TEMPORARY_ATTRIBUTE);
if (node.getAttribute('target') === '_blank') {
node.setAttribute('rel', 'noopener');
}
}
});

return sanitizedText;
};

const sanitizeMore = (text: string, config: MermaidConfig) => {
Expand Down

0 comments on commit ee49c4b

Please sign in to comment.