search

DevProgress / csv-simple-search

Generic Search and Export Tool for .csv files
Apache License 2.0
6 stars 3 forks source link

make links clickable #72

Closed decause closed 8 years ago

decause commented 8 years ago

There are libraries (even react libraries) that help with this.

decause commented 8 years ago

http://tasti.github.io/react-linkify/

Via @dxa4481

dxa4481 commented 8 years ago

This is a potential XSS vector, so library++ 

<a href="javascript:alert(1)"></a>
bscofield commented 8 years ago

On it.

bscofield commented 8 years ago

https://github.com/DevProgress/csv-simple-search/pull/73

bscofield commented 8 years ago

react-linkify uses markdown-it/linkify-it behind the scenes; some quick XSS testing later, it looks like it'll be OK (but more people banging on it on the security side is always a good idea)