Open aujourdui opened 5 months ago
Although I fixed this issue in my local and I tried to push, it occured below error. Do I need to have any permission to push and create a PR for this repository?
Permission to nhn/tui.editor.git denied to aujourdui. fatal: unable to access 'https://github.com/nhn/tui.editor.git/': The requested URL returned error: 403
Version
Write the version that you are currently using. @toast-ui/vue-editor: 3.2.3
Development Environment
Write the browser type, OS and so on. Mas OS Sonoma14.0
Current Behavior
When we add image by URL input, it's fine to add image by URL such as "https" or "http". However, we can add an image by this URL input with data URL format such as![γΉγ―γͺγΌγ³γ·γ§γγ 2024-01-24 17 21 17](https://github.com/nhn/tui.editor/assets/65107636/03ec9c33-1ea1-40dd-8894-d6e3bcc30e7c)
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB3oAAAK1CAYAAAAuQ+8vAAABX2lDQ1...
This is unexpected action but this URL input not covered by addImageBlobHook so it's difficult to validate it.
Expected Behavior
Write a description of the future action.
I propose this URL input validation by "https" and "http" to filter unexpected embedding dataURI. It's not difficult and it's probably more secure.