rixty/SillyTavern
1
0
Fork 0
mirror of https://github.com/SillyTavern/SillyTavern.git synced 2025-02-23 07:27:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Don't insert non-HTTP links to extension origin

Browse Source
This commit is contained in:
Cohee 2024-12-10 00:01:54 +02:00
parent 5a01eb8eb1
commit df8e0ba923
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
public/scripts/extensions.js
View File

@ -1068,7 +1068,7 @@ async function checkForUpdatesManual(abortSignal) {
try {
const data = await getExtensionVersion(externalId, abortSignal);
const extensionBlock = document.querySelector(`.extension_block[data-name="${externalId}"]`);
if (extensionBlock) {
if (extensionBlock && data) {
if (data.isUpToDate === false) {
const buttonElement = extensionBlock.querySelector('.btn_update');
if (buttonElement) {
@ -1085,9 +1085,17 @@ async function checkForUpdatesManual(abortSignal) {
const originLink = extensionBlock.querySelector('a');
if (originLink) {
originLink.href = origin;
originLink.target = '_blank';
originLink.rel = 'noopener noreferrer';
try {
const url = new URL(origin);
if (!['https:', 'http:'].includes(url.protocol)) {
throw new Error('Invalid protocol');
}
originLink.href = url.href;
originLink.target = '_blank';
originLink.rel = 'noopener noreferrer';
} catch (error) {
console.log('Error setting origin link', originLink, error);
}
}
const versionElement = extensionBlock.querySelector('.extension_version');