Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-12-17 05:50:29 +01:00
Code Issues Packages Projects Releases Activity

White list protocols allowed for Textile links (#32934).

Browse Source 
git-svn-id: http://svn.redmine.org/redmine/trunk@19489 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang
2020-02-02 10:19:16 +00:00
parent 0cd14b3a4b
commit e9d5b0b8dc
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/redmine/wiki_formatting/textile/redcloth3.rb
View File

@@ -350,7 +350,7 @@ class RedCloth3 < String
PUNCT = Regexp::quote( '!"#$%&\'*+,-./:;=?@\\^_`|~' ) PUNCT = Regexp::quote( '!"#$%&\'*+,-./:;=?@\\^_`|~' )
PUNCT_NOQ = Regexp::quote( '!"#$&\',./:;=?@\\`|' ) PUNCT_NOQ = Regexp::quote( '!"#$&\',./:;=?@\\`|' )
PUNCT_Q = Regexp::quote( '*-_+^~%' ) PUNCT_Q = Regexp::quote( '*-_+^~%' )
HYPERLINK = '(\S+?)([^\w\s/;=\?]*?)(?=\s|<|$)' HYPERLINK = '(?=\/|https?:\/\/|s?ftps?:\/\/|www\.|mailto:)(\S+?)([^\w\s/;=\?]*?)(?=\s|<|$)'
# Text markup tags, don't conflict with block tags # Text markup tags, don't conflict with block tags
SIMPLE_HTML_TAGS = [ SIMPLE_HTML_TAGS = [
@@ -815,7 +815,7 @@ class RedCloth3 < String
(?:\(([^)]+?)\)(?="))? # $title (?:\(([^)]+?)\)(?="))? # $title
": ":
( # $url ( # $url
(\/|[a-zA-Z]+:\/\/|www\.|mailto:) # $proto (\/|https?:\/\/|s?ftps?:\/\/|www\.|mailto:) # $proto
[[:alnum:]_\/]\S+? [[:alnum:]_\/]\S+?
) )
(\/)? # $slash (\/)? # $slash