From 2d068544f6b230850dd279efc51fdcb21ff1087c Mon Sep 17 00:00:00 2001
From: Grant <149294029+gtsp233@users.noreply.github.com>
Date: Sun, 21 Jan 2024 01:08:17 -0500
Subject: [PATCH] Validate User-provided URL to prevent XSS

---
 components/react-menu/src/LinkSubMenu.tsx | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/components/react-menu/src/LinkSubMenu.tsx b/components/react-menu/src/LinkSubMenu.tsx
index bb69434da..712d245f2 100644
--- a/components/react-menu/src/LinkSubMenu.tsx
+++ b/components/react-menu/src/LinkSubMenu.tsx
@@ -8,6 +8,8 @@ import { MenuButton } from './Icon';
 import * as Icons from './Icons';
 import { MenuGroup } from './MenuGroup';
 
+const isJavaScriptProtocol = /^[\u0000-\u001F ]*j[\r\n\t]*a[\r\n\t]*v[\r\n\t]*a[\r\n\t]*s[\r\n\t]*c[\r\n\t]*r[\r\n\t]*i[\r\n\t]*p[\r\n\t]*t[\r\n\t]*\:/i
+
 export function LinkSubMenu({ getIsTop = () => true }) {
   const view = useEditorViewContext();
   const result = link.queryLinkAttrs()(view.state);
@@ -81,7 +83,9 @@ function LinkMenu({
       hint="Visit"
       onMouseDown={(e) => {
         e.preventDefault();
-        window.open(href, '_blank');
+        if (!isJavaScriptProtocol.test(href)) {
+          window.open(href, '_blank');
+        }
       }}
     >
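Review bot: The added `isJavaScriptProtocol` regex in the first hunk is a blocklist that recognises only the `javascript:` scheme, so a user-provided href using another script-capable scheme (for example `data:` or `vbscript:`) still reaches the `window.open` call in the second hunk unchanged. A more robust check parses the value with the `URL` constructor and allows only the protocols the menu is meant to open (`http:`, `https:`, `mailto:`), which also covers the leading-control-character and embedded-whitespace variants the hand-written character classes are trying to enumerate, and rejects anything that does not parse at all. The guard in the second hunk would then read `if (isSafeHref(href)) { window.open(href, '_blank'); }`; that hunk's enclosing `LinkMenu` component starts and ends outside the diff. The trailing `\:` in the regex is also a needless escape that `no-useless-escape` will flag if the regex is kept.
```typescript
// … unchanged: imports …
const SAFE_PROTOCOLS = new Set(['http:', 'https:', 'mailto:']);

/** True when `href` parses as a URL and uses a protocol this menu is allowed to open. */
function isSafeHref(href: string): boolean {
  try {
    // Resolve relative links against the document so they inherit its (http/https) protocol.
    return SAFE_PROTOCOLS.has(new URL(href, document.baseURI).protocol);
  } catch {
    return false; // unparseable input is never opened
  }
}
// … unchanged: LinkSubMenu …
```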