From 35b22ce5741b8c12ba3f3fc75029bcd1c7a1f6e7 Mon Sep 17 00:00:00 2001
From: DJ2LS <75909252+DJ2LS@users.noreply.github.com>
Date: Fri, 31 Jan 2025 09:19:28 +0100
Subject: [PATCH] open url in new tab #862

---
 .../src/components/chat_messages_received.vue | 22 ++++++++++++++++---
 .../src/components/chat_messages_sent.vue     | 22 +++++++++++++++++--
 2 files changed, 39 insertions(+), 5 deletions(-)

diff --git a/freedata_gui/src/components/chat_messages_received.vue b/freedata_gui/src/components/chat_messages_received.vue
index efc22a508..9e093531b 100644
--- a/freedata_gui/src/components/chat_messages_received.vue
+++ b/freedata_gui/src/components/chat_messages_received.vue
@@ -158,9 +158,25 @@ export default {
     },
 
     parsedMessageBody() {
-      // Use marked to parse markdown and DOMPurify to sanitize
-      return DOMPurify.sanitize(marked.parse(this.message.body));
-    },
+    // Parse markdown to HTML
+  let parsedHTML = marked.parse(this.message.body);
+
+  // Sanitize the HTML
+  let sanitizedHTML = DOMPurify.sanitize(parsedHTML);
+
+  // Create a temporary DOM element to manipulate the sanitized output
+  let tempDiv = document.createElement("div");
+  tempDiv.innerHTML = sanitizedHTML;
+
+  // Modify all links to open in a new tab
+  tempDiv.querySelectorAll("a").forEach(link => {
+    link.setAttribute("target", "_blank");
+    link.setAttribute("rel", "noopener noreferrer"); // Security best practice
+  });
+
+  // Return the updated HTML
+  return tempDiv.innerHTML;
+  },
   },
 };
 </script>
diff --git a/freedata_gui/src/components/chat_messages_sent.vue b/freedata_gui/src/components/chat_messages_sent.vue
index c0b545379..3d74e58e7 100644
--- a/freedata_gui/src/components/chat_messages_sent.vue
+++ b/freedata_gui/src/components/chat_messages_sent.vue
@@ -202,8 +202,26 @@ export default {
     },
 
     parsedMessageBody() {
-      // Use marked to parse markdown and DOMPurify to sanitize
-      return DOMPurify.sanitize(marked.parse(this.message.body));
+     // Parse markdown to HTML
+  let parsedHTML = marked.parse(this.message.body);
+
+  // Sanitize the HTML
+  let sanitizedHTML = DOMPurify.sanitize(parsedHTML);
+
+  // Create a temporary DOM element to manipulate the sanitized output
+  let tempDiv = document.createElement("div");
+  tempDiv.innerHTML = sanitizedHTML;
+
+  // Modify all links to open in a new tab
+  tempDiv.querySelectorAll("a").forEach(link => {
+    link.setAttribute("target", "_blank");
+    link.setAttribute("rel", "noopener noreferrer"); // Security best practice
+  });
+
+  // Return the updated HTML
+  return tempDiv.innerHTML;
+
+
     },
   },
 };