Hopiu/wagtail
1
0
Fork 0
mirror of https://github.com/Hopiu/wagtail.git synced 2026-03-23 09:20:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Filter out mailto: links pasted in Draftail

Browse source
This commit is contained in:
Thibaud Colas 2018-01-18 18:15:12 +02:00
parent efb3768871
commit d1f3eebbab
1 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
wagtail/admin/wagtail_hooks.py
View file

@ -436,9 +436,14 @@ def register_core_features(features):
# We want to enforce constraints on which links can be pasted into rich text.
# Keep only the attributes Wagtail needs.
'attributes': ['url', 'id', 'parentId'],
# Keep only links which are not anchors, or absolute links from outside of Wagtail.
# Keep only links which:
# - have an undefined href (only set when pasting), or
# - Do not start with # (anchor)
# - Do not start with / (internal)
# - Do not start with mailto: (email)
# For mailto, Wagtail does support those but they could come with query parameters that Wagtail does not support.
'whitelist': {
'href': '^(?![#/])',
'href': '^(?!(#|/|mailto:))',
}
})
)