diff options
author | Philipp Hagemeister <phihag@phihag.de> | 2013-02-05 18:50:21 +0100 |
---|---|---|
committer | Philipp Hagemeister <phihag@phihag.de> | 2013-02-05 18:50:21 +0100 |
commit | f608517d9e1dee126431aafedabdabaa03ec2937 (patch) | |
tree | d3f60375488b2d63bac3d24b0a41d1af3073e213 /markdown/inlinepatterns.py | |
parent | c201f3c706316fbafff51631ce86a0a3784f3218 (diff) | |
download | markdown-f608517d9e1dee126431aafedabdabaa03ec2937.tar.gz markdown-f608517d9e1dee126431aafedabdabaa03ec2937.tar.bz2 markdown-f608517d9e1dee126431aafedabdabaa03ec2937.zip |
Forbid javascript:// URLs in safe mode
Diffstat (limited to 'markdown/inlinepatterns.py')
-rw-r--r-- | markdown/inlinepatterns.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/markdown/inlinepatterns.py b/markdown/inlinepatterns.py index a1b264c..1ebb310 100644 --- a/markdown/inlinepatterns.py +++ b/markdown/inlinepatterns.py @@ -364,6 +364,9 @@ class LinkPattern(Pattern): # Not a safe url return '' + if scheme == 'javascript': + return '' + # Url passes all tests. Return url as-is. return urlunparse(url) |