explosion/spaCy
1
1
Fork 0
mirror of https://github.com/explosion/spaCy.git synced 2025-10-30 23:47:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove ability to inline HTML content in iFrames

Browse Source
This commit is contained in:
Marcus Blättermann 2022-11-17 17:53:59 +01:00
parent 94f9ddefa4
commit 888a1f4c60
No known key found for this signature in database
GPG Key ID: A1E1F04008AC450D
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
website/src/components/embed.js
View File

@ -57,18 +57,12 @@ SoundCloud.propTypes = {
color: PropTypes.string,
}
function formatHTML(html) {
const encoded = encodeURIComponent(html)
return `<html><head><meta charset="UTF-8"></head><body>${encoded}</body></html>`
}
const Iframe = ({ title, src, html, width = 800, height = 300 }) => {
const source = html ? `data:text/html,${formatHTML(html)}` : src
const Iframe = ({ title, src, width = 800, height = 300 }) => {
return (
<iframe
className={classes.standalone}
title={title}
src={source}
src={src}
width={width}
height={height}
allowFullScreen