fix: disallow non-HTTP(S) protocols in links

Author: JohnColanduoni

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openrouter/markdown-wasm",
-  "version": "0.2.2",
+  "version": "0.3.2",
   "license": "Apache-2.0",
   "packageManager": "[email protected]+sha512.c753b6c3ad7afa13af388fa6d808035a008e30ea9993f58c6663e2bc5ff21679aa834db094987129aa4d488b86df57f7b634981b2f827cdcacc698cc0cfb88af",
   "type": "module",

src/index.test.ts

@@ -4,6 +4,7 @@ import { markdownToHtml } from "../dist";
 
 test("adds attributes to links", async () => {
   const html = await markdownToHtml("[link](/here)", {
+    allowInternalLinks: true,
     linkAttributes: { class: "someclass" },
   });
 
@@ -23,6 +24,7 @@ test("adds extra attributes to external links", async () => {
 
 test("doesn't add extra attributes to internal links", async () => {
   const html = await markdownToHtml("[link](/here)", {
+    allowInternalLinks: true,
     linkAttributes: { class: "someclass" },
     externalLinkAttributes: { rel: "noopener noreferrer" },
   });
@@ -44,6 +46,7 @@ test("adds icon to external links", async () => {
 
 test("doesn't add icon to internal links", async () => {
   const html = await markdownToHtml("[link](/here)", {
+    allowInternalLinks: true,
     linkAttributes: { class: "someclass" },
     externalLinkAttributes: { rel: "noopener noreferrer" },
     externalLinkIconHtml: "<svg></svg>",
@@ -75,3 +78,33 @@ test("aborts on img tags", async () => {
 
   expect(html).toBe(null);
 });
+
+test("aborts on javascript: links in markdown", async () => {
+  const html = await markdownToHtml(`[evil](javascript:alert(self))`, { allowInternalLinks: true });
+
+  expect(html).toBe(null);
+});
+
+test("aborts on javascript: links in <a> tags", async () => {
+  const html = await markdownToHtml(`<a href="javascript:alert('hello')">evil</a>`, { allowInternalLinks: true });
+
+  expect(html).toBe(null);
+});
+
+test("denys internal links by default", async () => {
+  const html = await markdownToHtml("[link](/here)", {
+    linkAttributes: { class: "someclass" },
+  });
+
+  expect(html).toBe(null)
+});
+
+test("denys internal links if requested", async () => {
+  const html = await markdownToHtml("[link](/here)", {
+    allowInternalLinks: false,
+    linkAttributes: { class: "someclass" },
+  });
+
+  expect(html).toBe(null)
+});
+

src/lib.rs

@@ -5,12 +5,15 @@ use regex_lite::Regex;
 use serde::{Deserialize, Serialize};
 use std::collections::BTreeMap;
 use tsify::Tsify;
-use wasm_bindgen::{convert::IntoWasmAbi, describe::WasmDescribe, prelude::*};
+use wasm_bindgen::{prelude::*};
 
 #[derive(Tsify, Serialize, Deserialize, Default)]
 #[serde(rename_all = "camelCase")]
 #[tsify(from_wasm_abi)]
 pub struct MarkdownRenderOptions {
+    #[serde(default)]
+    pub allow_internal_links: bool,
+
     #[serde(default)]
     #[tsify(type = "Record<string, string>")]
     pub link_attributes: BTreeMap<String, String>,
@@ -181,7 +184,17 @@ impl FilteringIterator<'_> {
     where
         O::Error: Default,
     {
-        let is_external = dest_url.starts_with("http");
+        let is_external = dest_url.starts_with("http://") || dest_url.starts_with("https://");
+
+        let has_protocol_scheme = HAS_PROTOCOL_SCHEME_REGEX.is_match(dest_url);
+        if has_protocol_scheme && !is_external {
+            // Disallow `javascript:`, `tel:` etc. as well as custom protocol schemes
+            return Err(O::Error::default());
+        }
+
+        if !is_external && !self.options.allow_internal_links {
+            return Err(O::Error::default());
+        }
 
         write!(output, r#"<a href=""#)?;
         if let Err(_) = escape_href(&mut *output, &dest_url) {
@@ -239,3 +252,7 @@ lazy_static! {
         r#"https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)"#
     ).unwrap();
 }
+
+lazy_static! {
+    static ref HAS_PROTOCOL_SCHEME_REGEX: Regex = Regex::new(r#"^(.*)\:"#).unwrap();
+}