yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove gist.github.com, gitlab.com from default CSP (#7008)

Browse Source
This commit is contained in:
Tom Moor
2024-06-08 10:54:55 -04:00
committed by GitHub
parent 946cbce06e
commit c02f7c9c85
8 changed files with 156 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
shared/editor/embeds/Gist.tsx
View File

@@ -3,23 +3,13 @@ import Frame from "../components/Frame";
import { EmbedProps as Props } from ".";
function Gist(props: Props) {
const gistUrl = new URL(props.attrs.href);
const id = gistUrl.pathname.split("/")[2];
const gistLink = `https://gist.github.com/${id}.js`;
const gistScript = `<script type="text/javascript" src="${gistLink}"></script>`;
const styles =
"<style>*{ font-size:12px; } body { margin: 0; } .gist .blob-wrapper.data { max-height:300px; overflow:auto; }</style>";
const iframeHtml = `<html><head><base target="_parent">${styles}</head><body>${gistScript}</body></html>`;
return (
<Frame
src={`data:text/html;base64,${btoa(iframeHtml)}`}
src={`/embeds/github?url=${encodeURIComponent(props.attrs.href)}`}
className={props.isSelected ? "ProseMirror-selectednode" : ""}
width="100%"
height="355px"
id={`gist-${id}`}
title="GitHub Gist"
dangerouslySkipSanitizeSrc
/>
);
}