fix(file-viewer): sanitize linked-image href; drop global leading-newline strip

- image: run the linked-image (badge) anchor target through normalizeLinkHref so a
  javascript:/data: href in a file can't execute on click; the markdown still preserves the
  raw target (file content unchanged)
- markdown-fidelity: the table serializer now trims its own surrounding blank lines, so the
  global leading-newline strip in postProcessSerializedMarkdown is redundant — removing it
  stops clobbering content that legitimately begins with whitespace

Author: waleedlatif1

apps/sim/app/workspace/[workspaceId]/files/components/file-viewer/rich-markdown-editor/image.tsx

@@ -3,6 +3,7 @@ import type { JSONContent } from '@tiptap/core'
 import { Image } from '@tiptap/extension-image'
 import type { ReactNodeViewProps } from '@tiptap/react'
 import { NodeViewWrapper, ReactNodeViewRenderer } from '@tiptap/react'
+import { normalizeLinkHref } from './markdown-fidelity'
 
 const MIN_WIDTH = 64
 
@@ -199,6 +200,10 @@ function ResizableImageView({ node, updateAttributes, selected }: ReactNodeViewP
     ? { width: /^\d+$/.test(attrs.width) ? `${attrs.width}px` : attrs.width }
     : undefined
 
+  // Sanitize the linked-image target before rendering the anchor — a parsed markdown href is
+  // untrusted and could be `javascript:`/`data:`; an unsafe value drops the link (image only).
+  const safeHref = normalizeLinkHref(typeof attrs.href === 'string' ? attrs.href : '')
+
   const image = (
     <img
       ref={imageRef}
@@ -217,8 +222,8 @@ function ResizableImageView({ node, updateAttributes, selected }: ReactNodeViewP
 
   return (
     <NodeViewWrapper className='relative my-4 inline-block leading-none'>
-      {attrs.href ? (
-        <a href={attrs.href} rel='noopener noreferrer' className='block'>
+      {safeHref ? (
+        <a href={safeHref} rel='noopener noreferrer' className='block'>
           {image}
         </a>
       ) : (

apps/sim/app/workspace/[workspaceId]/files/components/file-viewer/rich-markdown-editor/markdown-fidelity.ts

@@ -51,12 +51,11 @@ export function normalizeLinkHref(href: string): string {
 
 /**
  * Cleans up serializer output: restores callout markers the serializer backslash-escapes
- * (`> \[!NOTE\]` → `> [!NOTE]`) and trims the spurious leading blank line the table
- * serializer emits, plus trailing blank lines.
+ * (`> \[!NOTE\]` → `> [!NOTE]`) and collapses trailing blank lines to a single newline. The
+ * table serializer's spurious surrounding blank lines are trimmed at the source (PipeSafeTable),
+ * so no global leading-newline strip is needed here — avoiding clobbering content that legitimately
+ * begins with whitespace.
  */
 export function postProcessSerializedMarkdown(markdown: string): string {
-  return markdown
-    .replace(ESCAPED_CALLOUT_REGEX, '$1[!$2]')
-    .replace(/^\n+/, '')
-    .replace(/\n+$/, '\n')
+  return markdown.replace(ESCAPED_CALLOUT_REGEX, '$1[!$2]').replace(/\n+$/, '\n')
 }

apps/sim/app/workspace/[workspaceId]/files/components/file-viewer/rich-markdown-editor/round-trip.test.ts

@@ -114,8 +114,11 @@ describe('markdown-fidelity utils', () => {
     expect(normalizeLinkHref('ftp://host/file')).toBe('ftp://host/file')
   })
 
-  it('trims a leading blank line and collapses trailing newlines', () => {
-    expect(postProcessSerializedMarkdown('\n| a |\n| --- |\n\n\n')).toBe('| a |\n| --- |\n')
+  it('collapses trailing blank lines and preserves leading whitespace', () => {
+    expect(postProcessSerializedMarkdown('| a |\n| --- |\n\n\n')).toBe('| a |\n| --- |\n')
+    // No global leading-newline strip (the table trims its own at the source), so content that
+    // legitimately begins with a blank line is no longer clobbered on save.
+    expect(postProcessSerializedMarkdown('\nbody\n')).toBe('\nbody\n')
   })
 })