Fix URL parsing when URL has been encoded with escape() (fixes #4322) (#4338)

author: Pierre Rudloff <contact@rudloff.pro> 2016-10-26 18:36:16 +0200
committer: Harrison Healey <harrisonmhealey@gmail.com> 2016-10-26 12:36:16 -0400
commit: 7e67eabca91d9c52b741d0808ffb6f556d8ffb13 (patch)
tree: 0360c66718b63b088e04704eb62a896fc41bad0a /webapp/utils/markdown.jsx
parent: c07cdd666a05dc7394f8a2f7799c2fbdbca2c9ca (diff)
download: chat-7e67eabca91d9c52b741d0808ffb6f556d8ffb13.tar.gz
chat-7e67eabca91d9c52b741d0808ffb6f556d8ffb13.tar.bz2
chat-7e67eabca91d9c52b741d0808ffb6f556d8ffb13.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/webapp/utils/markdown.jsx b/webapp/utils/markdown.jsx
index 7f597eb3d..0b279ca6d 100644
--- a/webapp/utils/markdown.jsx
+++ b/webapp/utils/markdown.jsx
@@ -135,7 +135,13 @@ class MattermostMarkdownRenderer extends marked.Renderer {
         let outHref = href;
 
         try {
-            const unescaped = decodeURIComponent(unescape(href)).replace(/[^\w:]/g, '').toLowerCase();
+            let unescaped = unescape(href);
+            try {
+                unescaped = decodeURIComponent(unescaped);
+            } catch (e) {
+                unescaped = global.unescape(unescaped);
+            }
+            unescaped = unescaped.replace(/[^\w:]/g, '').toLowerCase();
 
             if (unescaped.indexOf('javascript:') === 0 || unescaped.indexOf('vbscript:') === 0 || unescaped.indexOf('data:') === 0) { // eslint-disable-line no-script-url
                 return text;
author	Pierre Rudloff <contact@rudloff.pro>	2016-10-26 18:36:16 +0200
committer	Harrison Healey <harrisonmhealey@gmail.com>	2016-10-26 12:36:16 -0400
commit	7e67eabca91d9c52b741d0808ffb6f556d8ffb13 (patch)
tree	0360c66718b63b088e04704eb62a896fc41bad0a /webapp/utils/markdown.jsx
parent	c07cdd666a05dc7394f8a2f7799c2fbdbca2c9ca (diff)
download	chat-7e67eabca91d9c52b741d0808ffb6f556d8ffb13.tar.gz chat-7e67eabca91d9c52b741d0808ffb6f556d8ffb13.tar.bz2 chat-7e67eabca91d9c52b741d0808ffb6f556d8ffb13.zip