diff --git a/package.json b/package.json index cf60568f2ef..bd89afd27f3 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "homarr", - "version": "0.15.8", + "version": "0.15.9", "description": "Homarr - A homepage for your server.", "license": "MIT", "repository": { @@ -244,4 +244,4 @@ ] } } -} \ No newline at end of file +} diff --git a/public/locales/en/widgets/error-boundary.json b/public/locales/en/widgets/error-boundary.json index 2087e254087..395176d0141 100644 --- a/public/locales/en/widgets/error-boundary.json +++ b/public/locales/en/widgets/error-boundary.json @@ -7,8 +7,8 @@ } }, "modal": { - "text": "", - "label": "Your error", - "reportButton": "Report this error" + "text": "The widet crashed unexpectitly. Please read the documentation and fix any typos.", + "label": "Occurred error", + "reportButton": "Report this error on GitHub" } } diff --git a/src/widgets/iframe/IFrameTile.tsx b/src/widgets/iframe/IFrameTile.tsx index ab3f1790d71..4c49af3b990 100644 --- a/src/widgets/iframe/IFrameTile.tsx +++ b/src/widgets/iframe/IFrameTile.tsx @@ -5,6 +5,20 @@ import { useTranslation } from 'next-i18next'; import { defineWidget } from '../helper'; import { IWidget } from '../widgets'; +function sanitizeUrl(url: string) { + let parsedUrl: URL; + try { + parsedUrl = new URL(url); + } catch (e) { + return 'about:blank'; + } + if (['http:', 'https:'].includes(parsedUrl.protocol)) { + return parsedUrl.href; + } else { + throw new Error(`Protocol '${parsedUrl.protocol}' is not supported. Use HTTP or HTTPS.`); + } +} + const definition = defineWidget({ id: 'iframe', icon: IconBrowser, @@ -116,9 +130,8 @@ function IFrameTile({ widget }: IFrameTileProps) { return (