Patch #37750: Use existing html pipeline based sanitization for links in custom fields - Redmine

Actions

Copy link

Patch #37750

closed

Use existing html pipeline based sanitization for links in custom fields

Added by Jens Krämer 12 months ago. Updated 10 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Marius BALTEANU

Category:

Custom fields

Target version:

5.1.0

Start date:

Due date:

% Done:

Estimated time:

Description

these patches, extracted from Planio, introduce a standalone HTML sanitizer class (based on the existing code from the common mark formatter) and use it to replace sanitization of links generated by custom fields, including the special class="external" and rel="noopener" treatment for external / target_blank links.

Files

Download all files

0003-uses-the-new-html-sanitizer-for-links-rendered-by-cu.patch (11.2 KB) 0003-uses-the-new-html-sanitizer-for-links-rendered-by-cu.patch		Jens Krämer, 2022-10-04 13:32
0001-always-bundle-html-pipeline-and-sanitizer-gems.patch (930 Bytes) 0001-always-bundle-html-pipeline-and-sanitizer-gems.patch		Jens Krämer, 2022-10-04 13:32
0002-introduces-a-standalone-html-sanitizer-class.patch (3.15 KB) 0002-introduces-a-standalone-html-sanitizer-class.patch		Jens Krämer, 2022-10-04 13:32

Actions

Copy link

Updated by Marius BALTEANU 12 months ago

Target version set to 5.1.0

Actions

Copy link

Updated by Marius BALTEANU 12 months ago

Status changed from New to Resolved
Assignee set to Marius BALTEANU

All three patches committed, thanks!

Actions

Copy link

Updated by Marius BALTEANU 12 months ago

Subject changed from use existing html pipeline based sanitization for links in custom fields to Use existing html pipeline based sanitization for links in custom fields

Actions

Copy link