summaryrefslogtreecommitdiffstats
path: root/browser/components/newtab/content-src/asrouter/template-utils.js
diff options
context:
space:
mode:
Diffstat (limited to 'browser/components/newtab/content-src/asrouter/template-utils.js')
-rw-r--r--browser/components/newtab/content-src/asrouter/template-utils.js22
1 files changed, 22 insertions, 0 deletions
diff --git a/browser/components/newtab/content-src/asrouter/template-utils.js b/browser/components/newtab/content-src/asrouter/template-utils.js
new file mode 100644
index 0000000000..004234f45f
--- /dev/null
+++ b/browser/components/newtab/content-src/asrouter/template-utils.js
@@ -0,0 +1,22 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+export function safeURI(url) {
+ if (!url) {
+ return "";
+ }
+ const { protocol } = new URL(url);
+ const isAllowed = [
+ "http:",
+ "https:",
+ "data:",
+ "resource:",
+ "chrome:",
+ ].includes(protocol);
+ if (!isAllowed) {
+ // eslint-disable-next-line no-console
+ console.warn(`The protocol ${protocol} is not allowed for template URLs.`);
+ }
+ return isAllowed ? url : "";
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 23:09:41 +0000