From bdddda542b8bdcb92ace084afca18e996d82a743 Mon Sep 17 00:00:00 2001 From: jeffhardy Date: Fri, 3 Aug 2018 13:01:11 -0700 Subject: [PATCH] Support override of ALLOWED_URI_SCHEMES with html4.allowedUriSchemes --- src/com/google/caja/plugin/html-sanitizer.js | 6 +++++- src/com/google/caja/plugin/sanitizecss.js | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/com/google/caja/plugin/html-sanitizer.js b/src/com/google/caja/plugin/html-sanitizer.js index d803c3e9..e249d52c 100644 --- a/src/com/google/caja/plugin/html-sanitizer.js +++ b/src/com/google/caja/plugin/html-sanitizer.js @@ -812,13 +812,17 @@ var html = (function(html4) { var ALLOWED_URI_SCHEMES = /^(?:https?|geo|mailto|sms|tel)$/i; + function getAllowedUriSchemes() { + return html4.allowedUriSchemes || ALLOWED_URI_SCHEMES; + } + function safeUri(uri, effect, ltype, hints, naiveUriRewriter) { if (!naiveUriRewriter) { return null; } try { var parsed = URI.parse('' + uri); if (parsed) { if (!parsed.hasScheme() || - ALLOWED_URI_SCHEMES.test(parsed.getScheme())) { + getAllowedUriSchemes().test(parsed.getScheme())) { var safe = naiveUriRewriter(parsed, effect, ltype, hints); return safe ? safe.toString() : null; } diff --git a/src/com/google/caja/plugin/sanitizecss.js b/src/com/google/caja/plugin/sanitizecss.js index 72901d5a..d6f40988 100644 --- a/src/com/google/caja/plugin/sanitizecss.js +++ b/src/com/google/caja/plugin/sanitizecss.js @@ -92,6 +92,10 @@ var sanitizeMediaQuery = undefined; var ALLOWED_URI_SCHEMES = /^(?:https?|geo|mailto|sms|tel)$/i; + function getAllowedUriSchemes() { + return html4.allowedUriSchemes || ALLOWED_URI_SCHEMES; + } + function resolveUri(baseUri, uri) { if (baseUri) { return URI.utils.resolve(baseUri, uri); @@ -102,7 +106,7 @@ var sanitizeMediaQuery = undefined; function safeUri(uri, prop, naiveUriRewriter) { if (!naiveUriRewriter) { return null; } var parsed = ('' + uri).match(URI_SCHEME_RE); - if (parsed && (!parsed[1] || ALLOWED_URI_SCHEMES.test(parsed[1]))) { + if (parsed && (!parsed[1] || getAllowedUriSchemes().test(parsed[1]))) { return naiveUriRewriter(uri, prop); } else { return null;