From 16a39b364c87bcfcbe5cf025422ae1f3c9d626f4 Mon Sep 17 00:00:00 2001 From: Carter Date: Mon, 23 Oct 2023 17:02:08 -0700 Subject: [PATCH] Change editor to comply with domain rules MOD-537 (#118) * insert link rules * change error message --- lib/components/base/MarkdownEditor.vue | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/components/base/MarkdownEditor.vue b/lib/components/base/MarkdownEditor.vue index 629af93c..a6f2d8c6 100644 --- a/lib/components/base/MarkdownEditor.vue +++ b/lib/components/base/MarkdownEditor.vue @@ -460,7 +460,7 @@ function validateURL() { } function cleanUrl(input: string): string { - let url + let url: URL // Attempt to validate and parse the URL try { @@ -479,6 +479,12 @@ function cleanUrl(input: string): string { url.protocol = 'https:' } + // Block certain domains for compliance + const blockedDomains = ['forgecdn', 'cdn.discordapp', 'media.discordapp'] + if (blockedDomains.some((domain) => url.hostname.includes(domain))) { + throw new Error('Invalid URL. This domain is not allowed.') + } + return url.toString() }