This is an automated email from the ASF dual-hosted git repository.
potiuk pushed a commit to branch v2-10-test
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/v2-10-test by this push:
new 478f1f3bdb Adding url sanitisation for extra links (#41665) (#41680)
478f1f3bdb is described below
commit 478f1f3bdb9237acd739e50b81105eb947c017bf
Author: Amogh Desai <[email protected]>
AuthorDate: Thu Aug 22 21:34:27 2024 +0530
Adding url sanitisation for extra links (#41665) (#41680)
(cherry picked from commit 6c463b3c37fd9aef56ceace7e7b141d892b57054)
---
airflow/www/static/js/dag/details/taskInstance/ExtraLinks.tsx | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/airflow/www/static/js/dag/details/taskInstance/ExtraLinks.tsx
b/airflow/www/static/js/dag/details/taskInstance/ExtraLinks.tsx
index 1cd4c450c3..06528eab6e 100644
--- a/airflow/www/static/js/dag/details/taskInstance/ExtraLinks.tsx
+++ b/airflow/www/static/js/dag/details/taskInstance/ExtraLinks.tsx
@@ -53,6 +53,14 @@ const ExtraLinks = ({
const isExternal = (url: string | null) =>
url && /^(?:[a-z]+:)?\/\//.test(url);
+ const isSanitised = (url: string | null) => {
+ if (!url) {
+ return true;
+ }
+ const urlRegex = /^(https?:)/i;
+ return urlRegex.test(url);
+ };
+
return (
<Box my={3}>
<Text as="strong">Extra Links</Text>
@@ -63,7 +71,7 @@ const ExtraLinks = ({
as={Link}
colorScheme="blue"
href={url}
- isDisabled={!url}
+ isDisabled={!isSanitised(url)}
target={isExternal(url) ? "_blank" : undefined}
mr={2}
>
