Dinesh Panda
736b5908da
Avoid calling freeze on already frozen strings in lib
2019-09-10 08:11:43 +00:00
Brett Walker
ad05e48863
Add support for using a Camo proxy server
...
User images and videos will get proxied through
the Camo server in order to keep malicious
sites from collecting the IP address of users.
2019-08-23 23:44:53 -05:00
Brett Walker
40983f4a9c
Show tooltip for malicious looking links
...
Such as those with IDN homographs or embedded
right-to-left (RTLO) characters.
Autolinked hrefs should be escaped
2019-01-31 16:52:20 +01:00
Jan Provaznik
08bfec57c3
Set URL rel attribute for broken URLs
...
It's possible that URI fails to parse a link, but browsers
still recognize given URL as a link, we should make sure
that 'rel' attribute is set also in this case.
2018-12-11 17:20:06 +01:00
Stan Hu
8b4154b57f
Enable frozen strings in lib/banzai/filter/*.rb
...
Excludes a few filters that require more work:
* lib/banzai/filter/image_lazy_load_filter_spec.rb
* lib/banzai/filter/syntax_highlight_filter_spec.rb
* lib/banzai/filter/table_of_contents_filter_spec.rb
Part of #47424
2018-07-23 02:39:45 -07:00
Douwe Maan
110f5a1654
Catch all URI errors in ExternalLinkFilter
2017-05-18 10:47:23 -05:00
Robert Speicher
da13d1af3e
Merge branch 'bvl-security-9-1-validate-urls-in-markdown-using-uri'
...
(security-9-1) Add correct `rel` attributes to external links when rendering markdown
See merge request !2097
2017-05-10 16:44:20 +02:00
Makoto Scott-Hinkle
15d83f6ae2
Filter protocol-relative URLs in ExternalLinkFilter. Fixes issue #22742 .
2016-12-21 08:34:30 -08:00
the-undefined
3db585d27c
Add Nofollow for uppercased scheme in external url
...
Ensure that external URLs with non-lowercase protocols will be attributed
with 'nofollow noreferrer' and open up in a new window.
Covers the edge cases to skip:
- HTTPS schemes
- relative links
Closes #22782
2016-10-18 13:54:02 +01:00
Paco Guzman
ae6a54f73c
Banzai::Filter::ExternalLinkFilter use XPath
2016-06-16 14:13:29 +02:00
Alfredo Sumaran
064cff13fd
Remove obvious comment and extra line
2016-06-08 13:07:20 -05:00
Alfredo Sumaran
7be19db42f
Set target="_blank" for external links
2016-06-08 13:07:20 -05:00
Alfredo Sumaran
72debd840c
Fix failing spec
2016-04-21 14:38:44 -05:00
Alfredo Sumaran
dbe06ac790
Add noreferrer value to rel attribute for external links
2016-04-20 23:55:06 -05:00
Robert Speicher
8558483417
Remove redundant `require`s from Banzai files
...
We're trying to avoid circular dependency errors.
2016-03-24 13:23:47 -04:00
Douwe Maan
2a20c0e590
Prevent circular reference error in Banzai
2016-01-14 11:30:28 +01:00
Douwe Maan
7781bda9bd
Move Markdown/reference logic from Gitlab::Markdown to Banzai
2015-12-15 15:51:16 +01:00