Show More
@@ -60,7 +60,9 b' class CustomHTMLTranslator(writers.html4' | |||
|
60 | 60 | refuri = node['refuri'] |
|
61 | 61 | if ':' in refuri: |
|
62 | 62 | prefix, link = refuri.lstrip().split(':', 1) |
|
63 |
|
|
|
63 | prefix = prefix or '' | |
|
64 | ||
|
65 | if prefix.lower() == 'javascript': | |
|
64 | 66 | # we don't allow javascript type of refs... |
|
65 | 67 | node['refuri'] = 'javascript:alert("SandBoxedJavascript")' |
|
66 | 68 |
General Comments 0
You need to be logged in to leave comments.
Login now