CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-08 15:44:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix #881 -- dont redirect tel scheme (#883)

Browse Source
This commit is contained in:
Felix Rindt
2018-04-24 17:20:47 +02:00
committed by Raphael Michel
parent 6df0597c5e
commit 9d2e2a1ea2
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pretix/base/templatetags/rich_text.py
View File

@@ -63,7 +63,7 @@ ALLOWED_PROTOCOLS = ['http', 'https', 'mailto', 'tel']
def safelink_callback(attrs, new=False): def safelink_callback(attrs, new=False):
url = attrs.get((None, 'href'), '/') url = attrs.get((None, 'href'), '/')
if not is_safe_url(url) and not url.startswith('mailto:'): if not is_safe_url(url) and not url.startswith('mailto:') and not url.startswith('tel:'):
signer = signing.Signer(salt='safe-redirect') signer = signing.Signer(salt='safe-redirect')
attrs[None, 'href'] = reverse('redirect') + '?url=' + urllib.parse.quote(signer.sign(url)) attrs[None, 'href'] = reverse('redirect') + '?url=' + urllib.parse.quote(signer.sign(url))
attrs[None, 'target'] = '_blank' attrs[None, 'target'] = '_blank'