diff options
| -rw-r--r-- | webapp/components/error_page.jsx | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/webapp/components/error_page.jsx b/webapp/components/error_page.jsx index d4d04bf12..7de488f06 100644 --- a/webapp/components/error_page.jsx +++ b/webapp/components/error_page.jsx @@ -13,9 +13,11 @@ export default class ErrorPage extends React.Component { componentDidMount() { $('body').attr('class', 'sticky error'); } + componentWillUnmount() { $('body').attr('class', ''); } + render() { let title = this.props.location.query.title; if (!title || title === '') { @@ -30,6 +32,9 @@ export default class ErrorPage extends React.Component { let link = this.props.location.query.link; if (!link || link === '') { link = '/'; + } else if (link.startsWith('javascript:') || link.startsWith('vbscript:') || link.startsWith('data:')) { // eslint-disable-line no-script-url + // Sanitize out any script links + link = '/'; } let linkMessage = this.props.location.query.linkmessage; |