nishiki/hugo-theme-relearn
1
0
Fork 0
mirror of https://github.com/McShelby/hugo-theme-relearn.git synced 2024-11-23 07:47:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

security: fix XSS for malicioius image URLs #117

Browse source
This commit is contained in:
Sören Weber 2021-10-12 16:32:45 +02:00
parent 7c1dd4c32c
commit e9cf2a8580
No known key found for this signature in database
GPG key ID: 07D17FF580AE7589
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
static/js/relearn.js
View file

@ -148,7 +148,8 @@ images.wrap(function(){
// IF featherlight is false, do not use feather light
if (f != 'false') {
if (!image.parent("a").length) {
return "<a href='" + image[0].src + "' data-featherlight='image'></a>";
var html = $( "<a>" ).attr("href", image[0].src).attr("data-featherlight", "image").get(0).outerHTML;
return html;
}
}
});