fix: Avoid XSS in custom attributes (#7800)

This commit is contained in:
Sivin Varghese 2023-09-05 09:49:54 +05:30 committed by GitHub
parent e5f7807833
commit f31fc2b375
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -61,7 +61,7 @@
>
<a
v-if="isAttributeTypeLink"
:href="value"
:href="hrefURL"
target="_blank"
rel="noopener noreferrer"
class="value inline-block rounded-sm mb-0 break-all py-0.5 px-1"
@ -188,6 +188,9 @@ export default {
urlValue() {
return isValidURL(this.value) ? this.value : '---';
},
hrefURL() {
return isValidURL(this.value) ? this.value : '';
},
notAttributeTypeCheckboxAndList() {
return !this.isAttributeTypeCheckbox && !this.isAttributeTypeList;
},