Image elements getting their src attribute removed #338
Comments
|
Possibly, let me look into it. |
|
Found the issue. Unfortunately there was no test case for it so I didn't catch it before in my XSS fix. The change in #339 should fix the regression (sorry about that!) as well as keep the XSS guards intact. |
|
Thanks for the quick response @lirantal. I'm a Nuxt newbie, so I was not sure if what I said made much sense... happy to see we caught it early, and thanks for fixing it so fast. |
|
When using internal anchor links (e.g., [meta] (#meta-object)), Nuxt’s MDC (@nuxtjs/mdc) incorrectly removes them as unsafe attributes. This happens because new URL("#meta-object") throws an error, causing the function to return false, marking the link as unsafe. @lirantal |
|
I can confirm this issue on my end as well |
|
@acidjazz we released version 0.13.5 which fixes prior cases. Are you on this latest version? and if so, which types of links are not working for you? please provide reproducible code so I can test. |
anywhere we point to an image we have stored in |
|
@acidjazz cool, please check your version and let me know |
I just ran
npm installin a Nuxtjs project that was working fine earlier today, and thennpm run devto discover a new warn in the command output:WARN [@nuxtjs/mdc] removing unsafe attribute: src="/path/to/my/image.png" 7:17:40 PMI am using @nuxt/content and mdc in my content's markdown file as usual like this:
After some unsuccessful googling I search nuxt/content's repo and this one and noticed a new mdc release was published just hours ago with a change that seems related.
So, is my problem caused (unintendedly) by this change? I checked my code and could not find anything wrong, but maybe I'm missing something? @lirantal perhaps you can help?
Thank you
The text was updated successfully, but these errors were encountered: