From 62c01da420fca2137674ae562d4ecba54db97da9 Mon Sep 17 00:00:00 2001
From: Roman Hotsiy <gotsijroman@gmail.com>
Date: Mon, 27 Apr 2020 19:47:29 +0300
Subject: [PATCH] fix: encode URLs in json samples linkify (xss)

thanks to @masatokinugawa
---
 src/utils/jsonToHtml.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/utils/jsonToHtml.ts b/src/utils/jsonToHtml.ts
index 6e36d5cec6..e950ee2cd5 100644
--- a/src/utils/jsonToHtml.ts
+++ b/src/utils/jsonToHtml.ts
@@ -56,7 +56,7 @@ function valueToHTML(value, maxExpandLevel: number) {
       output +=
         decorateWithSpan('"', 'token string') +
         '<a href="' +
-        value +
+        encodeURI(value) +
         '">' +
         htmlEncode(stringifyStringLiteral(value)) +
         '</a>' +