Remove ability to inline HTML content in iFrames

Marcus Blättermann 2022-11-17 17:53:59 +01:00
parent 94f9ddefa4
commit 888a1f4c60
No known key found for this signature in database
GPG Key ID: A1E1F04008AC450D


@ -57,18 +57,12 @@ SoundCloud.propTypes = {
color: PropTypes.string, color: PropTypes.string,
} }
function formatHTML(html) { const Iframe = ({ title, src, width = 800, height = 300 }) => {
const encoded = encodeURIComponent(html)
return `<html><head><meta charset="UTF-8"></head><body>${encoded}</body></html>`
}
const Iframe = ({ title, src, html, width = 800, height = 300 }) => {
const source = html ? `data:text/html,${formatHTML(html)}` : src
return ( return (
<iframe <iframe
className={classes.standalone} className={classes.standalone}
title={title} title={title}
src={source} src={src}
width={width} width={width}
height={height} height={height}
allowFullScreen allowFullScreen
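Review bot: Dropping the `html` prop does not by itself stop inline content, because `src={src}` is still handed to the iframe unchecked and a caller can pass a `data:text/html,…` or `javascript:` URL directly. If embeds are always remote pages, a guard at the top of `Iframe` such as `if (!/^https?:\/\//i.test(src)) return null` would enforce what the commit title promises. No `sandbox` attribute is visible among the props shown; the `<iframe>` element continues past the end of the hunk, so it may already be set further down, but if not it is worth adding with the narrowest token set the embeds need. `Iframe.propTypes`, if declared outside this hunk, should also lose its `html` entry.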