Skip to content

Commit

Permalink
whitelist domain
Browse files Browse the repository at this point in the history
  • Loading branch information
nguyenhoaidanh committed Oct 25, 2023
1 parent 80fa0c5 commit 7842d89
Showing 1 changed file with 22 additions and 13 deletions.
35 changes: 22 additions & 13 deletions src/components/Announcement/Popups/CenterPopup.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -113,19 +113,28 @@ const VideoWrapper = styled.div`
height: ${VIDEO_SIZE};
`

const Video = ({ url, title }: { url: string; title: string }) => (
<VideoWrapper>
<iframe
width="100%"
height="100%"
src={url} // todo xss
frameBorder="0"
title={title}
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
allowFullScreen
/>
</VideoWrapper>
)
const whitelistDomains = ['drive.google.com', 'www.youtube.com']
const Video = ({ url, title }: { url: string; title: string }) => {
try {
const { host } = new URL(url)
if (!whitelistDomains.includes(host)) return null
} catch (error) {
return null
}
return (
<VideoWrapper>
<iframe
width="100%"
height="100%"
src={url}
frameBorder="0"
title={title}
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
allowFullScreen
/>
</VideoWrapper>
)
}

export default function CenterPopup({
onDismiss,
Expand Down

0 comments on commit 7842d89

Please sign in to comment.