Fixes #7788: Improve XSS mitigation in Markdown renderer

2024-05-10 07:54:54 +00:00 · 2021-11-11 15:38:34 -05:00
parent 2f064cdfd1
commit a799094227
2 changed files with 8 additions and 2 deletions
@@ -40,14 +40,19 @@ def render_markdown(value):
    """
    Render text as Markdown
    """
+    schemes = '|'.join(settings.ALLOWED_URL_SCHEMES)
+
    # Strip HTML tags
    value = strip_tags(value)

    # Sanitize Markdown links
-    schemes = '|'.join(settings.ALLOWED_URL_SCHEMES)
-    pattern = fr'\[(.+)\]\((?!({schemes})).*:(.+)\)'
+    pattern = fr'\[([^\]]+)\]\((?!({schemes})).*:(.+)\)'
    value = re.sub(pattern, '[\\1](\\3)', value, flags=re.IGNORECASE)

+    # Sanitize Markdown reference links
+    pattern = fr'\[(.+)\]:\w?(?!({schemes})).*:(.+)'
+    value = re.sub(pattern, '[\\1]: \\3', value, flags=re.IGNORECASE)
+
    # Render Markdown
    html = markdown(value, extensions=['fenced_code', 'tables'])