fix: improper neutralization of user input in image wrapping code

Julian Lam
2023-06-13 11:55:13 -04:00
parent c5cd76e798
commit 1d1639d46f


@@ -26,8 +26,9 @@ define('forum/topic/images', [], function () {
const srcExt = src.split('.').slice(1).pop(); const srcExt = src.split('.').slice(1).pop();
const altFilename = alt.split('/').pop(); const altFilename = alt.split('/').pop();
const altExt = altFilename.split('.').slice(1).pop(); const altExt = altFilename.split('.').slice(1).pop();
imageEl.wrap('<a href="' + src + '" ' + imageEl.wrap('<a href="' + src + '" ' +
(!srcExt && altExt ? ' download="' + altFilename + '" ' : '') + (!srcExt && altExt ? ' download="' + utils.escapeHTML(altFilename) + '" ' : '') +
' target="_blank" rel="noopener">'); ' target="_blank" rel="noopener">');
} }
}; };
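Review bot: `src` is still concatenated unescaped into the `href` attribute on the first line of the `imageEl.wrap(...)` call; the fix neutralizes only `altFilename` in the `download` attribute. The same string-built markup would need `imageEl.wrap('<a href="' + utils.escapeHTML(src) + '" ' +`, or the anchor could be built with jQuery's `.attr()` so that no value is parsed as HTML. Where `src` and `alt` come from is not visible here because the function starts above the hunk, so confirm whether `src` can carry a double quote or other markup before it reaches this line. The hunk header also shows an empty dependency list in `define('forum/topic/images', [], ...)`, so `utils` is presumably a global; worth confirming that it is defined wherever this module loads.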