From bfcb535413d695cad8c4dbdf3eacccf30cd1e26a Mon Sep 17 00:00:00 2001
From: nmarrs <nathanielmarrs@gmail.com>
Date: Fri, 3 Feb 2023 16:56:43 -0800
Subject: [PATCH] Add additional sanitize calls to other user provided
 endpoints

---
 src/worldmap_ctrl.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/worldmap_ctrl.ts b/src/worldmap_ctrl.ts
index 20e3de2..0e59e01 100644
--- a/src/worldmap_ctrl.ts
+++ b/src/worldmap_ctrl.ts
@@ -113,6 +113,7 @@ export default class WorldmapCtrl extends MetricsPanelCtrl {
       }
 
       this.panel.jsonpUrl = sanitizeUrl(this.panel.jsonpUrl);
+      this.panel.jsonpCallback = sanitizeUrl(this.panel.jsonpCallback);
 
       $.ajax({
         type: "GET",
@@ -130,6 +131,8 @@ export default class WorldmapCtrl extends MetricsPanelCtrl {
         return;
       }
 
+      this.panel.jsonUrl = sanitizeUrl(this.panel.jsonUrl);
+
       $.getJSON(this.panel.jsonUrl).then((res) => {
         this.locations = res;
         this.render();