sendnrw/misskey
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(client): validate urls to improve security

Browse Source
This commit is contained in:
syuilo
2023-02-04 09:10:01 +09:00
parent 572000f868
commit 788ae2f6ca
4 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/frontend/src/components/MkYoutubePlayer.vue
View File

@@ -26,6 +26,7 @@ const props = defineProps<{
}>();
const requestUrl = new URL(props.url);
if (!['http:', 'https:'].includes(requestUrl.protocol)) throw new Error('invalid url');
let fetching = $ref(true);
let title = $ref<string | null>(null);