disallow newlines in urls
This commit is contained in:
parent
77d00caccc
commit
4396bb1b56
|
@ -88,7 +88,7 @@ async fn build_text_response(path: &Path) -> Result<HttpResponse, Error> {
|
|||
error::ErrorInternalServerError("this file should be here but could not be found")
|
||||
})?;
|
||||
let encoded = htmlescape::encode_minimal(&content);
|
||||
let html = if Url::from_str(&content).is_ok() {
|
||||
let html = if !content.contains(&['\n', '\r'][..]) && Url::from_str(&content).is_ok() {
|
||||
let attribute_encoded = htmlescape::encode_attribute(&content);
|
||||
URL_VIEW_HTML
|
||||
.replace("{link_content}", &encoded)
|
||||
|
|
Loading…
Reference in New Issue