From f08ebf5a9b944a34d5e38d823e0e19dbc2c7fe27 Mon Sep 17 00:00:00 2001 From: fiddlosopher Date: Thu, 16 Oct 2008 01:00:51 +0000 Subject: Added colons to protocols in unsanitaryURI in HTML reader. Closes Issue #88. git-svn-id: https://pandoc.googlecode.com/svn/trunk@1462 788f1e2b-df1e-0410-8736-df70ead52e1b --- Text/Pandoc/Readers/HTML.hs | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Text/Pandoc/Readers/HTML.hs b/Text/Pandoc/Readers/HTML.hs index a9025f0d2..10b7ad011 100644 --- a/Text/Pandoc/Readers/HTML.hs +++ b/Text/Pandoc/Readers/HTML.hs @@ -136,16 +136,16 @@ unsanitaryAttribute (attr, val, _) = do -- | Returns @True@ if the specified URI is potentially a security risk. unsanitaryURI :: String -> Bool unsanitaryURI u = - let safeURISchemes = [ "", "http", "https", "ftp", "mailto", "file", - "telnet", "gopher", "aaa", "aaas", "acap", "cap", "cid", - "crid", "dav", "dict", "dns", "fax", "go", "h323", "im", - "imap", "ldap", "mid", "news", "nfs", "nntp", "pop", - "pres", "sip", "sips", "snmp", "tel", "urn", "wais", - "xmpp", "z39.50r", "z39.50s", "aim", "callto", "cvs", - "ed2k", "feed", "fish", "gg", "irc", "ircs", "lastfm", - "ldaps", "magnet", "mms", "msnim", "notes", "rsync", - "secondlife", "skype", "ssh", "sftp", "smb", "sms", - "snews", "webcal", "ymsgr"] + let safeURISchemes = [ "", "http:", "https:", "ftp:", "mailto:", "file:", + "telnet:", "gopher:", "aaa:", "aaas:", "acap:", "cap:", "cid:", + "crid:", "dav:", "dict:", "dns:", "fax:", "go:", "h323:", "im:", + "imap:", "ldap:", "mid:", "news:", "nfs:", "nntp:", "pop:", + "pres:", "sip:", "sips:", "snmp:", "tel:", "urn:", "wais:", + "xmpp:", "z39.50r:", "z39.50s:", "aim:", "callto:", "cvs:", + "ed2k:", "feed:", "fish:", "gg:", "irc:", "ircs:", "lastfm:", + "ldaps:", "magnet:", "mms:", "msnim:", "notes:", "rsync:", + "secondlife:", "skype:", "ssh:", "sftp:", "smb:", "sms:", + "snews:", "webcal:", "ymsgr:"] in case parseURIReference u of Just p -> (map toLower $ uriScheme p) `notElem` safeURISchemes Nothing -> True -- cgit v1.2.3