From 291b6294119c77e9dfa708445b834389627053a1 Mon Sep 17 00:00:00 2001
From: Felipe Knorr Kuhn <git@knorrium.info>
Date: Sun, 4 Jan 2026 13:39:14 -0800
Subject: [PATCH] Block external links

---
 check_logos.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/check_logos.js b/check_logos.js
index f7977c9..ca6321b 100755
--- a/check_logos.js
+++ b/check_logos.js
@@ -48,6 +48,24 @@ for (const file of files) {
     const originalDOM = new JSDOM(svgContent, { contentType: 'image/svg+xml' });
     const sanitizedDOM = new JSDOM(cleanSVG, { contentType: 'image/svg+xml' });
     
+    const externalUrlPattern = /^(https?|ftp):\/\//i;
+    const imageElements = originalDOM.window.document.querySelectorAll('image');
+    const useElements = originalDOM.window.document.querySelectorAll('use');
+
+    imageElements.forEach((img, index) => {
+      const href = img.getAttribute('href') || img.getAttribute('xlink:href');
+      if (href && externalUrlPattern.test(href.trim())) {
+        issues.push(`Found external URL in image element: ${href}`);
+      }
+    });
+
+    useElements.forEach((use, index) => {
+      const href = use.getAttribute('href') || use.getAttribute('xlink:href');
+      if (href && externalUrlPattern.test(href.trim())) {
+        issues.push(`Found external URL in use element: ${href}`);
+      }
+    });
+
     const originalScripts = originalDOM.window.document.querySelectorAll('script');
     const sanitizedScripts = sanitizedDOM.window.document.querySelectorAll('script');