UNPKG

@awsui/components-react

Version:

On July 19th, 2022, we launched [Cloudscape Design System](https://cloudscape.design). Cloudscape is an evolution of AWS-UI. It consists of user interface guidelines, front-end components, design resources, and development tools for building intuitive, en

github.com/aws/awsui-documentation

28 lines 1.14 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 import { warnOnce } from '@awsui/component-toolkit/internal'; const allowedJavascriptUrls = ['javascript:void(0)', 'javascript:void(0);', 'javascript:;']; export function checkSafeUrl(component, url) { if (!url) { return; } if (allowedJavascriptUrls.indexOf(url.toLowerCase()) !== -1) { return; } let parsedUrl; try { parsedUrl = new URL(url); } catch { // If the URL cannot be parsed by the browser, it likely does not pose a security risk. return; } if (parsedUrl.protocol === 'javascript:') { warnOnce(component, `A javascript: URL was blocked as a security precaution. The URL was "${url}".`); // This mirrors the error message that React will use: // https://github.com/facebook/react/blob/a724a3b578dce77d427bef313102a4d0e978d9b4/packages/react-dom/src/shared/sanitizeURL.js#L30 throw new Error(`A javascript: URL was blocked as a security precaution.`); } return; } //# sourceMappingURL=check-safe-url.js.map