From 0e29c1fdc3007b51b3c09f1f636ba420f0b30a7f Mon Sep 17 00:00:00 2001
From: Joao Victor
Date: Mon, 4 Apr 2022 16:53:01 -0300
Subject: [PATCH] Fix link sanitizing in welcome message.
---
 .../meetings/server/modifiers/addMeeting.js | 23 ++++++++++++-------
 1 file changed, 15 insertions(+), 8 deletions(-)
diff --git a/bigbluebutton-html5/imports/api/meetings/server/modifiers/addMeeting.js b/bigbluebutton-html5/imports/api/meetings/server/modifiers/addMeeting.js
index c82baeb2de..02702537eb 100755
--- a/bigbluebutton-html5/imports/api/meetings/server/modifiers/addMeeting.js
+++ b/bigbluebutton-html5/imports/api/meetings/server/modifiers/addMeeting.js
@@ -139,10 +139,13 @@ export default function addMeeting(meeting) {
 const sanitizeTextInChat = original => SanitizeHTML(original, {
 allowedTags: ['a', 'b', 'br', 'i', 'img', 'li', 'small', 'span', 'strong', 'u', 'ul'],
 allowedAttributes: {
- a: ['href', 'name', 'target'],
+ a: ['href', 'target'],
 img: ['src', 'width', 'height'],
 },
 allowedSchemes: ['https'],
+ allowedSchemesByTag: {
+ a: ['https', 'mailto', 'tel']
+ }
 });
 const sanitizedWelcomeText = sanitizeTextInChat(welcomeMsg);
@@ -153,14 +156,18 @@ export default function addMeeting(meeting) {
 const insertBlankTarget = (s, i) => `${s.substr(0, i)} target="_blank"${s.substr(i)}`;
 const linkWithoutTarget = new RegExp('', 'g');
- linkWithoutTarget.test(welcomeMsg);
- if (linkWithoutTarget.lastIndex > 0) {
- welcomeMsg = insertBlankTarget(
- welcomeMsg,
- linkWithoutTarget.lastIndex - 1,
- );
- }
+ do {
+ linkWithoutTarget.test(welcomeMsg);
+
+ if (linkWithoutTarget.lastIndex > 0) {
+ welcomeMsg = insertBlankTarget(
+ welcomeMsg,
+ linkWithoutTarget.lastIndex - 1,
+ );
+ linkWithoutTarget.lastIndex = linkWithoutTarget.lastIndex - 1;
+ }
+ } while (linkWithoutTarget.lastIndex > 0);
 newMeeting.welcomeProp.welcomeMsg = welcomeMsg;
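Review bot: The `a` entry in `allowedAttributes` still accepts `target` from the welcome text but not `rel`, and later code in this function adds `target="_blank"` to links, so nothing guarantees that a page opened from the welcome message is cut off from `window.opener`. Browsers imply `noopener` only for `_blank`, not for a named target supplied in the markup. Consider setting both attributes inside the sanitizer, e.g. `transformTags: { a: SanitizeHTML.simpleTransform('a', { target: '_blank', rel: 'noopener noreferrer' }) }`, with `'rel'` added to the `a` list if transformed attributes are filtered as well. A short comment above `allowedSchemesByTag`, such as `// mailto/tel are allowed on links only; img src stays https-only`, would record the intent. addMeeting begins and ends outside this hunk.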
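Review bot: The `do … while` loop splices the already-sanitized HTML by hand and steers the scan by writing to `linkWithoutTarget.lastIndex`, so its termination and its result both depend on the pattern no longer matching a tag once `target="_blank"` has been inserted; the pattern itself is not readable on this page (the `RegExp` source renders as empty). If it can also match an anchor that already carries `target`, which the sanitizer still allows, that tag would end up with two `target` attributes. A single pass states the same intent without manual index bookkeeping: `welcomeMsg = welcomeMsg.replace(linkWithoutTarget, (tag) => tag.slice(0, -1) + ' target="_blank"' + tag.slice(-1));`. Whichever form is kept, a comment on why the attribute is inserted one character before the end of the match would help, as would a test with two or more links in the welcome text. The enclosing addMeeting function starts and ends outside the hunk.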