Fix 'ah:' urls for untrusted domains

This commit is contained in:
Nimetu 2015-08-11 19:35:27 +03:00
parent 391c927cb3
commit 67f8fabd8b

View file

@ -709,10 +709,12 @@ namespace NLGUI
if (present[MY_HTML_A_HREF] && value[MY_HTML_A_HREF]) if (present[MY_HTML_A_HREF] && value[MY_HTML_A_HREF])
{ {
string suri = value[MY_HTML_A_HREF]; string suri = value[MY_HTML_A_HREF];
if(_TrustedDomain && suri.find("ah:") == 0) if(suri.find("ah:") == 0)
{ {
// in ah: command we don't respect the uri standard so the HTAnchor_address doesn't work correctly if (_TrustedDomain)
_Link.push_back (suri); _Link.push_back (suri);
else
_Link.push_back ("");
} }
else if (_TrustedDomain && suri[0] == '#') else if (_TrustedDomain && suri[0] == '#')
{ {