Patch #37750: Use existing html pipeline based sanitization for links in custom fields - Redmine

Actions

Copy link

Patch #37750

closed

Use existing html pipeline based sanitization for links in custom fields

Added by Jens Krämer over 2 years ago. Updated over 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Marius BĂLTEANU

Category:

Custom fields

Target version:

5.1.0

Start date:

Due date:

% Done:

Estimated time:

Description

these patches, extracted from Planio, introduce a standalone HTML sanitizer class (based on the existing code from the common mark formatter) and use it to replace sanitization of links generated by custom fields, including the special class="external" and rel="noopener" treatment for external / target_blank links.

Files

Download all files

0003-uses-the-new-html-sanitizer-for-links-rendered-by-cu.patch (11.2 KB) 0003-uses-the-new-html-sanitizer-for-links-rendered-by-cu.patch		Jens Krämer, 2022-10-04 13:32
0001-always-bundle-html-pipeline-and-sanitizer-gems.patch (930 Bytes) 0001-always-bundle-html-pipeline-and-sanitizer-gems.patch		Jens Krämer, 2022-10-04 13:32
0002-introduces-a-standalone-html-sanitizer-class.patch (3.15 KB) 0002-introduces-a-standalone-html-sanitizer-class.patch		Jens Krämer, 2022-10-04 13:32

Actions

Copy link

Updated by Marius BĂLTEANU over 2 years ago

Target version set to 5.1.0

Actions

Copy link

Updated by Marius BĂLTEANU over 2 years ago

Status changed from New to Resolved
Assignee set to Marius BĂLTEANU

All three patches committed, thanks!

Actions

Copy link

Updated by Marius BĂLTEANU over 2 years ago

Subject changed from use existing html pipeline based sanitization for links in custom fields to Use existing html pipeline based sanitization for links in custom fields

Actions

Copy link