Fix for vulnerability

Knut Sveidqvist
2022-04-21 21:11:48 +02:00
parent ca256308f2
commit df87ab8818
6 changed files with 246 additions and 0 deletions


@@ -59,6 +59,7 @@ export const removeScript = (txt) => {
let decodedText = removeEscapes(rs);
decodedText = decodedText.replace(/script>/gi, '#');
decodedText = decodedText.replace(/javascript:/gi, '#');
decodedText = decodedText.replace(/javascript&colon/gi, '#');
decodedText = decodedText.replace(/onerror=/gi, 'onerror:');
decodedText = decodedText.replace(/<iframe/gi, '');
return decodedText;
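Review bot: The `javascript&colon` replacement (presumably the line this hunk adds, since the hunk grows by one line) matches a single spelling of a colon entity; the same character also has decimal and hexadecimal references, so a denylist of literal substrings will keep needing a new entry after each report. If `removeEscapes` on the first line of the hunk already decodes entities the new pattern is redundant, and if it does not, decoding entities before the matching would cover a whole class of variants rather than one — which of the two holds is not visible here. Either way the function should state its role so it is not mistaken for the primary control, e.g. `// Denylist of known-dangerous substrings: defense in depth only, not a replacement for an allowlist sanitizer`. removeScript's signature and the lines before `let decodedText` lie outside this hunk.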


@@ -62,6 +62,7 @@ import { log, setLogLevel } from './logger';
import getStyles from './styles';
import theme from './themes';
import utils, { directiveSanitizer, assignWithDepth, sanitizeCss } from './utils';
import DOMPurify from 'dompurify';
/**
* @param text
@@ -541,6 +542,10 @@ const render = function (id, _txt, cb, container) {
)}" sandbox="allow-top-navigation-by-user-activation allow-popups">
The “iframe” tag is not supported by your browser.
</iframe>`;
} else {
if (cnf.securityLevel !== 'loose') {
svgCode = DOMPurify.sanitize(svgCode, { ADD_TAGS: ['foreignobject'] });
}
}
if (typeof cb !== 'undefined') {
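Review bot: The `ADD_TAGS: ['foreignobject']` option on the DOMPurify.sanitize call re-enables a tag DOMPurify drops by default, and nothing in the hunk records why it is needed or what remains filtered inside it. A comment above the call such as `// foreignObject is removed by DOMPurify by default; re-added deliberately (reason: <TODO confirm, presumably HTML labels>) — its contents are still subject to DOMPurify's tag/attribute filtering` would keep a later maintainer from removing or widening the allowance. The `securityLevel !== 'loose'` guard means loose mode skips DOMPurify entirely, which looks intentional but deserves one sentence in the same comment. render's body begins and continues outside this hunk, so whether svgCode is modified again after sanitization cannot be checked here.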