author | Waylan Limberg <waylan@gmail.com> | 2013-02-06 12:03:50 -0500 |
---|---|---|
committer | Waylan Limberg <waylan@gmail.com> | 2013-02-06 12:03:50 -0500 |
commit | 0b4ffbb60ef4a81cc6e5606ac40a42380077a690 (patch) | |
tree | c64b6f8661aa917ebb21d15e363b4b22aa0e5ff7 | |
parent | 86381a43fe13a7c87e8a0b07c6117f1767b6acc0 (diff) | |
download | markdown-0b4ffbb60ef4a81cc6e5606ac40a42380077a690.tar.gz markdown-0b4ffbb60ef4a81cc6e5606ac40a42380077a690.tar.bz2 markdown-0b4ffbb60ef4a81cc6e5606ac40a42380077a690.zip |
Whitelisted known safe url schemes in safe_mode. A better fix for #185.
-rw-r--r-- | markdown/inlinepatterns.py | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/markdown/inlinepatterns.py b/markdown/inlinepatterns.py
index 1ebb310..f64aa58 100644
--- a/markdown/inlinepatterns.py
+++ b/markdown/inlinepatterns.py
@@ -354,19 +354,20 @@ class LinkPattern(Pattern):
             return ''
         locless_schemes = ['', 'mailto', 'news']
+        allowed_schemes = locless_schemes + ['http', 'https', 'ftp', 'ftps']
+        if scheme not in allowed_schemes:
+            # Not a known (allowed) scheme. Not safe.
+            return ''
+
         if netloc == '' and scheme not in locless_schemes:
-            # This fails regardless of anything else.
-            # Return immediately to save additional proccessing
+            # This should not happen. Treat as suspect.
             return ''
         for part in url[2:]:
             if ":" in part:
-                # Not a safe url
+                # A colon in "path", "parameters", "query" or "fragment" is suspect.
                 return ''
-        if scheme == 'javascript':
-            return ''
-
         # Url passes all tests. Return url as-is.
         return urlunparse(url)
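Review bot: The new comment `# This should not happen. Treat as suspect.` understates a reachable case: `urlparse` returns an empty netloc for an allowed host-based scheme written without `//` (for example `http:path`), so the `netloc == ''` branch is a genuine rejection check rather than an impossibility, and the comment should say so, e.g. `# Host-based scheme with no host (e.g. "http:path"). Reject rather than guess.`. It is also worth noting beside `allowed_schemes` that the comparison is case-insensitive only because `urlparse` lower-cases the scheme, so a later refactor that compares the raw string does not silently lose that property. Consider hoisting `locless_schemes` and `allowed_schemes` to class attributes so the lists are built once and can be tuned by subclasses without overriding the whole method. The enclosing method's `def` line is above this hunk.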