From 0082eff4a09d04b5d2ad5eb5ac84fa01892007ee Mon Sep 17 00:00:00 2001
From: Palanikannan1437 <73993394+Palanikannan1437@users.noreply.github.com>
Date: Fri, 19 Jan 2024 11:01:25 +0530
Subject: [PATCH] regression: reverted link checks of malicious scripts

---
 .../src/ui/extensions/custom-link/index.tsx | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/packages/editor/core/src/ui/extensions/custom-link/index.tsx b/packages/editor/core/src/ui/extensions/custom-link/index.tsx
index 650c095cd..e66d18904 100644
--- a/packages/editor/core/src/ui/extensions/custom-link/index.tsx
+++ b/packages/editor/core/src/ui/extensions/custom-link/index.tsx
@@ -100,11 +100,26 @@ export const CustomLinkExtension = Mark.create({
 },

 parseHTML() {
- return [{ tag: 'a[href]:not([href *= "javascript:" i])' }];
+ return [
+ {
+ tag: "a[href]",
+ getAttrs: (node) => {
+ if (typeof node === "string" || !(node instanceof HTMLElement)) {
+ return null;
+ }
+ const href = node.getAttribute("href")?.toLowerCase() || "";
+ if (href.startsWith("javascript:") || href.startsWith("data:") || href.startsWith("vbscript:")) {
+ return false;
+ }
+ return {};
+ },
+ },
+ ];
 },

 renderHTML({ HTMLAttributes }) {
- if (HTMLAttributes.href?.startsWith("javascript:")) {
+ const href = HTMLAttributes.href?.toLowerCase() || "";
+ if (href.startsWith("javascript:") || href.startsWith("data:") || href.startsWith("vbscript:")) {
 return ["a", mergeAttributes(this.options.HTMLAttributes, { ...HTMLAttributes, href: "" }), 0];
 }
 return ["a", mergeAttributes(this.options.HTMLAttributes, HTMLAttributes), 0];
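Review bot: The scheme checks in both `getAttrs` and `renderHTML` apply `startsWith` to the raw attribute value, but URL parsers strip leading whitespace and control characters and drop embedded tab and newline characters before resolving the scheme, so an href that differs from a blocked scheme only by such characters passes the check and still resolves to it. Normalise before comparing, e.g. `const href = (node.getAttribute("href") ?? "").replace(/[\u0000-\u0020]/g, "").toLowerCase();` (and the same for `HTMLAttributes.href`), or preferably parse with `new URL(href, base)` and accept only an allowlist of the schemes the editor actually needs instead of a three-entry denylist. Separately, ProseMirror treats a `null` return from `getAttrs` as a match with default attributes, so the non-`HTMLElement` branch fails open and should be `return false;`. `renderHTML` closes outside this hunk and `Mark.create` starts before it, so whether other paths (commands, paste rules) set `href` without this check cannot be judged from here.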