mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-27 02:14:45 +01:00
Only inline svg within WebserverRoot and containing bi-
-- we use bi- to mark images that should behave like bootstrap font images
This commit is contained in:
parent
1d5457b477
commit
034b0b4645
@ -185,8 +185,8 @@ export class Et2Image extends Et2Widget(LitElement) implements et2_IDetachedDOM
|
||||
|
||||
// our own svg images
|
||||
//only call unsafeHtml when we are inside /egroupware/
|
||||
const ourSvg = url.match(/\/egroupware\/([^.]+)\.svg/);
|
||||
if (ourSvg)
|
||||
const ourSvg = url.startsWith(this.egw().webserverUrl + '/') //checks if source is trusted
|
||||
if (ourSvg && url.match(/\/bi-.*\.svg/))
|
||||
{
|
||||
const svg = fetch(url)
|
||||
.then(res => res.text()
|
||||
|
Loading…
Reference in New Issue
Block a user