aiden
/
tailchat
mirror of https://github.com/msgbyte/tailchat
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: fix xss problem when render iframe

Browse Source
chore/cli-prune-script
moonrailgun 5 months ago
parent d57a878a99
commit c1365f2b82
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File

5
client/web/src/components/Markdown/render.tsx
Unescape Escape View File

@ -46,6 +46,11 @@ export const Markdown: React.FC<{
),
iframe: (props) => {
let src = props.src;
if (src?.includes('javascript')) {
return <div>not support run javascript</div>;
}
if (src && src.includes('?')) {
src += '&autoplay=0'; // make sure media autoplay is false
}

Write Preview
Loading…
Cancel
Save