feat: add support for simplePDF in Web-Embeds (#6810)

2 years ago · 9ca27c62c7
2 changed files with 10 additions and 2 deletions
--- a/src/components/App.tsx
+++ b/src/components/App.tsx
@ -941,7 +941,7 @@ class App extends React.Component<AppProps, AppState> {
				@@ -941,7 +941,7 @@ class App extends React.Component<AppProps, AppState> {
                      title="Excalidraw Embedded Content"
                      allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
                      allowFullScreen={true}
-                      sandbox="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-presentation"
+                      sandbox="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-presentation allow-downloads"
                    />
                  )}
                </div>
--- a/src/element/embeddable.ts
+++ b/src/element/embeddable.ts
@ -55,6 +55,7 @@ const ALLOWED_DOMAINS = new Set([
				@@ -55,6 +55,7 @@ const ALLOWED_DOMAINS = new Set([
  "link.excalidraw.com",
  "gist.github.com",
  "twitter.com",
+  "*.simplepdf.eu",
  "stackblitz.com",
  "val.town",
 ]);
@ -274,9 +275,16 @@ const validateHostname = (
				@@ -274,9 +275,16 @@ const validateHostname = (
    const { hostname } = new URL(url);

    const bareDomain = hostname.replace(/^www\./, "");
+    const bareDomainWithFirstSubdomainWildcarded = bareDomain.replace(
+      /^([^.]+)/,
+      "*",
+    );

    if (allowedHostnames instanceof Set) {
-      return ALLOWED_DOMAINS.has(bareDomain);
+      return (
+        ALLOWED_DOMAINS.has(bareDomain) ||
+        ALLOWED_DOMAINS.has(bareDomainWithFirstSubdomainWildcarded)
+      );
    }

    if (bareDomain === allowedHostnames.replace(/^www\./, "")) {