Only inline svg within WebserverRoot and containing bi-

-- we use bi- to mark images that should behave like bootstrap font images
milan 2024-11-11 16:32:54 +01:00
parent 1d5457b477
commit 034b0b4645


@ -185,8 +185,8 @@ export class Et2Image extends Et2Widget(LitElement) implements et2_IDetachedDOM
// our own svg images
//only call unsafeHtml when we are inside /egroupware/
const ourSvg = url.match(/\/egroupware\/([^.]+)\.svg/);
if (ourSvg)
const ourSvg = url.startsWith(this.egw().webserverUrl + '/') //checks if source is trusted
if (ourSvg && url.match(/\/bi-.*\.svg/))
{
const svg = fetch(url)
.then(res => res.text()