Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
Resource.prototype.safeUrl = function() {
if (typeof this.uri != 'string' || this.uri == '') {
return '';
}
let safeUrl, protocol;
try {
safeUrl = URI(this.uri);
protocol = safeUrl.protocol().trim().toLowerCase();
} catch (e) {
// Uris that cannot be parsed are not safe.
return '';
}
if (safeUrl.is('url')) {
// Javascript is not safe.
if (protocol === "javascript") {
return '';
}
// If no protocol defined or a relative url is given, force the http protocol.
if (!safeUrl.is('absolute') || protocol == '') {
safeUrl.protocol('http');
}