From 3acdf79beb5a54c9f23e2a35dee1aa27d242020d Mon Sep 17 00:00:00 2001
From: yangzheli <43645580+yangzheli@users.noreply.github.com>
Date: Tue, 7 Apr 2026 09:44:17 +0800
Subject: [PATCH] fix(frontend): resolve invalid HTML nesting and tabnabbing
vulnerabilities (#1904)
* fix(frontend): resolve invalid HTML nesting and tabnabbing vulnerabilities
Fix `
diff --git a/frontend/src/components/workspace/messages/message-group.tsx b/frontend/src/components/workspace/messages/message-group.tsx
index f6e10bc6b..c80d236de 100644
--- a/frontend/src/components/workspace/messages/message-group.tsx
+++ b/frontend/src/components/workspace/messages/message-group.tsx
@@ -280,16 +280,17 @@ function ToolCall({
return (
{
- window.open(url, "_blank");
- }}
>
{url && (
-
+
{title}
)}