diff --git a/plugins/removeScriptElement.js b/plugins/removeScriptElement.js
index eb1a6ba54..80fcea3b6 100644
--- a/plugins/removeScriptElement.js
+++ b/plugins/removeScriptElement.js
@@ -43,23 +43,25 @@ exports.fn = () => {
return;
}
- for (const attr of ['href', 'xlink:href']) {
- if (
- node.attributes[attr] == null ||
- !node.attributes[attr].trimStart().startsWith('javascript:')
- ) {
- continue;
- }
+ for (const attr of Object.keys(node.attributes)) {
+ if (attr === 'href' || attr.endsWith(':href')) {
+ if (
+ node.attributes[attr] == null ||
+ !node.attributes[attr].trimStart().startsWith('javascript:')
+ ) {
+ continue;
+ }
- const index = parentNode.children.indexOf(node);
- parentNode.children.splice(index, 1, ...node.children);
+ const index = parentNode.children.indexOf(node);
+ parentNode.children.splice(index, 1, ...node.children);
- // TODO remove legacy parentNode in v4
- for (const child of node.children) {
- Object.defineProperty(child, 'parentNode', {
- writable: true,
- value: parentNode,
- });
+ // TODO remove legacy parentNode in v4
+ for (const child of node.children) {
+ Object.defineProperty(child, 'parentNode', {
+ writable: true,
+ value: parentNode,
+ });
+ }
}
}
},
diff --git a/test/plugins/removeScriptElement.05.svg b/test/plugins/removeScriptElement.05.svg
new file mode 100644
index 000000000..066498d62
--- /dev/null
+++ b/test/plugins/removeScriptElement.05.svg
@@ -0,0 +1,19 @@
+Removes hrefs to JavaScript URIs, including unconventional namespaces.
+
+===
+
+
+
+@@@
+
+