From c0a5f9fbef710173b6b8933252cc97fe1109c09b Mon Sep 17 00:00:00 2001
From: Harrison Healey
Date: Wed, 4 Jan 2017 09:29:19 -0500
Subject: Added an extra layer of sanitization to error page links (#4953)
---
 webapp/components/error_page.jsx | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'webapp/components')
diff --git a/webapp/components/error_page.jsx b/webapp/components/error_page.jsx
index d4d04bf12..7de488f06 100644
--- a/webapp/components/error_page.jsx
+++ b/webapp/components/error_page.jsx
@@ -13,9 +13,11 @@ export default class ErrorPage extends React.Component {
 componentDidMount() {
 $('body').attr('class', 'sticky error');
 }
+
 componentWillUnmount() {
 $('body').attr('class', '');
 }
+
 render() {
 let title = this.props.location.query.title;
 if (!title || title === '') {
@@ -30,6 +32,9 @@ export default class ErrorPage extends React.Component {
 let link = this.props.location.query.link;
 if (!link || link === '') {
 link = '/';
+ } else if (link.startsWith('javascript:') || link.startsWith('vbscript:') || link.startsWith('data:')) { // eslint-disable-line no-script-url
+ // Sanitize out any script links
+ link = '/';
 }

 let linkMessage = this.props.location.query.linkmessage;
-- cgit v1.2.3-1-g7c22
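Review bot: The added `else if` in the second hunk is a denylist of three lowercase prefixes, so it only holds when the query value is spelled exactly as the check expects; browsers match URL schemes case-insensitively and ignore leading whitespace and control characters, and any scheme not listed passes through. An allowlist anchored at the start of the string is safer, for example `} else if (!/^(?:https?:\/\/|\/(?![\/\\]))/i.test(link)) {`, which keeps only http(s) URLs and same-site absolute paths and sends everything else to `/`. If this page never needs to point at another site, drop the `https?` alternative so a crafted URL cannot make the error page show an external link. `link.startsWith` also assumes the parameter is a string, which may not hold if the query parser returns an array for a repeated `link` parameter; that is worth confirming. `render()` begins in the previous hunk and continues past this one, so how `link` is finally rendered is not visible here.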