feat: Add configurable local image rendering to Markdown previewer

st-gr · claude · st-gr · commit 58b36a51f3fc · 2026-05-13T05:01:14.000-07:00
Add a "Show local images" toggle in PowerToys Settings (File Explorer > Markdown) that allows the preview handler to render images referenced via relative paths from the markdown file's directory. Implementation: - HTMLParsingExtension: conditionally resolve local markdown images via virtual host URL with path traversal protection - MarkdownHelper: regex-rewrite relative src attributes in HTML img tags - WebView2: use SetVirtualHostNameToFolderMapping to serve local images via https://localmdimages/ virtual host - Settings UI: toggle in PowerPreviewPage.xaml with ViewModel binding - Handler Settings: read EnableMdLocalImages via SettingsUtils Security: - Default: OFF (existing behavior preserved) - Only images under the markdown file's directory tree are allowed - Remote URLs (http/https/data/javascript) always blocked - Path traversal blocked via Path.GetFullPath + StartsWith check - WebView2 scripts remain disabled (IsScriptEnabled = false) Fixes: #40787 Fixes: #3713 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
diff --git a/src/common/FilePreviewCommon/HTMLParsingExtension.cs b/src/common/FilePreviewCommon/HTMLParsingExtension.cs
@@ -2,6 +2,9 @@
 // The Microsoft Corporation licenses this file to you under the MIT license.
 // See the LICENSE file in the project root for more information.
 
+using System;
+using System.IO;
+
 using Markdig;
 using Markdig.Extensions.Figures;
 using Markdig.Extensions.Tables;
@@ -43,6 +46,26 @@ public HTMLParsingExtension(ImagesBlockedCallBack imagesBlockedCallBack, string
         /// </summary>
         public string FilePath { get; set; }
 
+        /// <summary>
+        /// Gets or sets a value indicating whether local images should be rendered.
+        /// </summary>
+        public bool AllowLocalImages { get; set; }
+
+        private static bool IsLocalImage(string url)
+        {
+            if (string.IsNullOrEmpty(url))
+            {
+                return false;
+            }
+
+            if (url.Contains("://") && !url.StartsWith("file://", StringComparison.OrdinalIgnoreCase))
+            {
+                return false;
+            }
+
+            return true;
+        }
+
         /// <inheritdoc/>
         public void Setup(MarkdownPipelineBuilder pipeline)
         {
@@ -92,9 +115,29 @@ public void PipelineOnDocumentProcessed(MarkdownDocument document)
                     {
                         if (link.IsImage)
                         {
-                            link.Url = "#";
-                            link.GetAttributes().AddClass("img-fluid");
-                            imagesBlockedCallBack();
+                            if (AllowLocalImages && IsLocalImage(link.Url))
+                            {
+                                string resolvedPath = Path.GetFullPath(Path.Combine(FilePath, link.Url));
+
+                                if (resolvedPath.StartsWith(FilePath, StringComparison.OrdinalIgnoreCase))
+                                {
+                                    string relativePath = resolvedPath.Substring(FilePath.Length).TrimStart(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar).Replace('\\', '/');
+                                    link.Url = "https://localmdimages/" + relativePath;
+                                    link.GetAttributes().AddClass("img-fluid");
+                                }
+                                else
+                                {
+                                    link.Url = "#";
+                                    link.GetAttributes().AddClass("img-fluid");
+                                    imagesBlockedCallBack();
+                                }
+                            }
+                            else
+                            {
+                                link.Url = "#";
+                                link.GetAttributes().AddClass("img-fluid");
+                                imagesBlockedCallBack();
+                            }
                         }
                     }
                 }
diff --git a/src/common/FilePreviewCommon/MarkdownHelper.cs b/src/common/FilePreviewCommon/MarkdownHelper.cs
@@ -3,6 +3,7 @@
 // See the LICENSE file in the project root for more information.
 
 using System.IO;
+using System.Text.RegularExpressions;
 
 using Markdig;
 
@@ -25,13 +26,14 @@ public static class MarkdownHelper
         /// </summary>
         private static readonly string HtmlFooter = "</div></body></html>";
 
-        public static string MarkdownHtml(string fileContent, string theme, string filePath, ImagesBlockedCallBack imagesBlockedCallBack)
+        public static string MarkdownHtml(string fileContent, string theme, string filePath, ImagesBlockedCallBack imagesBlockedCallBack, bool allowLocalImages = false)
         {
             var htmlHeader = theme == "dark" ? HtmlDarkHeader : HtmlLightHeader;
 
             // Extension to modify markdown AST.
             HTMLParsingExtension extension = new HTMLParsingExtension(imagesBlockedCallBack);
             extension.FilePath = Path.GetDirectoryName(filePath) ?? string.Empty;
+            extension.AllowLocalImages = allowLocalImages;
 
             // if you have a string with double space, some people view it as a new line.
             // while this is against spec, even GH supports this. Technically looks like GH just trims whitespace
@@ -46,6 +48,15 @@ public static string MarkdownHtml(string fileContent, string theme, string fileP
             MarkdownPipeline pipeline = pipelineBuilder.Build();
             string parsedMarkdown = Markdown.ToHtml(fileContent, pipeline);
 
+            if (allowLocalImages)
+            {
+                string virtualHost = "https://localmdimages/";
+                parsedMarkdown = Regex.Replace(
+                    parsedMarkdown,
+                    @"src=""(?!https?://|data:|file://|#|javascript:)([^""]+)""",
+                    m => $"src=\"{virtualHost}{m.Groups[1].Value}\"");
+            }
+
             string markdownHTML = $"{htmlHeader}{parsedMarkdown}{HtmlFooter}";
             return markdownHTML;
         }
diff --git a/src/modules/previewpane/MarkdownPreviewHandler/MarkdownPreviewHandler.csproj b/src/modules/previewpane/MarkdownPreviewHandler/MarkdownPreviewHandler.csproj
@@ -62,6 +62,7 @@
     <ProjectReference Include="..\..\..\common\Common.UI\Common.UI.csproj" />
     <ProjectReference Include="..\..\..\common\interop\PowerToys.Interop.vcxproj" />
     <ProjectReference Include="..\..\..\common\ManagedTelemetry\Telemetry\ManagedTelemetry.csproj" />
+    <ProjectReference Include="..\..\..\settings-ui\Settings.UI.Library\Settings.UI.Library.csproj" />
     <ProjectReference Include="..\common\PreviewHandlerCommon.csproj" />
   </ItemGroup>
 
diff --git a/src/modules/previewpane/MarkdownPreviewHandler/MarkdownPreviewHandlerControl.cs b/src/modules/previewpane/MarkdownPreviewHandler/MarkdownPreviewHandlerControl.cs
@@ -56,6 +56,9 @@ public partial class MarkdownPreviewHandlerControl : FormHandlerControl
         /// </summary>
         private bool _infoBarDisplayed;
 
+        private string _markdownDirectory;
+        private bool _allowLocalImages;
+
         /// <summary>
         /// Gets the path of the current assembly.
         /// </summary>
@@ -116,14 +119,21 @@ public override void DoPreview<T>(T dataSource)
                     throw new ArgumentException($"{nameof(dataSource)} for {nameof(MarkdownPreviewHandlerControl)} must be a string but was a '{typeof(T)}'");
                 }
 
+                _allowLocalImages = Settings.GetLocalImagesEnabled();
+                _markdownDirectory = Path.GetDirectoryName(filePath) ?? string.Empty;
+
                 string fileText = File.ReadAllText(filePath);
-                Regex imageTagRegex = new Regex(@"<[ ]*img.*>");
-                if (imageTagRegex.IsMatch(fileText))
+
+                if (!_allowLocalImages)
                 {
-                    _infoBarDisplayed = true;
+                    Regex imageTagRegex = new Regex(@"<[ ]*img.*>");
+                    if (imageTagRegex.IsMatch(fileText))
+                    {
+                        _infoBarDisplayed = true;
+                    }
                 }
 
-                string markdownHTML = FilePreviewCommon.MarkdownHelper.MarkdownHtml(fileText, Settings.GetTheme(), filePath, ImagesBlockedCallBack);
+                string markdownHTML = FilePreviewCommon.MarkdownHelper.MarkdownHtml(fileText, Settings.GetTheme(), filePath, ImagesBlockedCallBack, _allowLocalImages);
 
                 _browser = new WebView2()
                 {
@@ -143,6 +153,11 @@ public override void DoPreview<T>(T dataSource)
                         _webView2Environment = webView2EnvironmentAwaiter.GetResult();
                         await _browser.EnsureCoreWebView2Async(_webView2Environment).ConfigureAwait(true);
                         _browser.CoreWebView2.SetVirtualHostNameToFolderMapping(VirtualHostName, AssemblyDirectory, CoreWebView2HostResourceAccessKind.Deny);
+                        if (_allowLocalImages)
+                        {
+                            _browser.CoreWebView2.SetVirtualHostNameToFolderMapping("localmdimages", _markdownDirectory, CoreWebView2HostResourceAccessKind.Allow);
+                        }
+
                         _browser.CoreWebView2.Settings.AreDefaultScriptDialogsEnabled = false;
                         _browser.CoreWebView2.Settings.AreDefaultContextMenusEnabled = true;
                         _browser.CoreWebView2.Settings.AreDevToolsEnabled = false;
@@ -152,15 +167,24 @@ public override void DoPreview<T>(T dataSource)
                         _browser.CoreWebView2.Settings.IsScriptEnabled = false;
                         _browser.CoreWebView2.Settings.IsWebMessageEnabled = false;
 
-                        // Don't load any resources.
+                        // Don't load any resources except virtual host mapped ones.
                         _browser.CoreWebView2.AddWebResourceRequestedFilter("*", CoreWebView2WebResourceContext.All);
                         _browser.CoreWebView2.WebResourceRequested += (object sender, CoreWebView2WebResourceRequestedEventArgs e) =>
                         {
-                            // Show local file we've saved with the markdown contents. Block all else.
-                            if (new Uri(e.Request.Uri) != _localFileURI)
+                            // Allow the local HTML file
+                            if (_localFileURI != null && new Uri(e.Request.Uri) == _localFileURI)
+                            {
+                                return;
+                            }
+
+                            // Allow virtual host requests (localmdimages)
+                            if (_allowLocalImages && e.Request.Uri.StartsWith("https://localmdimages/", StringComparison.OrdinalIgnoreCase))
                             {
-                                e.Response = _browser.CoreWebView2.Environment.CreateWebResourceResponse(null, 403, "Forbidden", null);
+                                return;
                             }
+
+                            // Block everything else
+                            e.Response = _browser.CoreWebView2.Environment.CreateWebResourceResponse(null, 403, "Forbidden", null);
                         };
 
                         _browser.CoreWebView2.ContextMenuRequested += (object sender, CoreWebView2ContextMenuRequestedEventArgs args) =>
diff --git a/src/modules/previewpane/MarkdownPreviewHandler/Settings.cs b/src/modules/previewpane/MarkdownPreviewHandler/Settings.cs
@@ -4,10 +4,13 @@
 
 using System;
 using System.Collections.Generic;
+using System.IO;
 using System.Linq;
 using System.Text;
 using System.Threading.Tasks;
 
+using Microsoft.PowerToys.Settings.UI.Library;
+
 namespace Microsoft.PowerToys.PreviewHandler.Markdown
 {
     internal sealed class Settings
@@ -40,5 +43,22 @@ public static string GetTheme()
         {
             return Common.UI.ThemeManager.GetWindowsBaseColor().ToLowerInvariant();
         }
+
+        private static readonly SettingsUtils ModuleSettings = SettingsUtils.Default;
+
+        /// <summary>
+        /// Returns whether local images should be displayed in the Markdown preview.
+        /// </summary>
+        public static bool GetLocalImagesEnabled()
+        {
+            try
+            {
+                return ModuleSettings.GetSettings<PowerPreviewSettings>(PowerPreviewSettings.ModuleName).Properties.EnableMdLocalImages;
+            }
+            catch (FileNotFoundException)
+            {
+                return false;
+            }
+        }
     }
 }
diff --git a/src/settings-ui/Settings.UI.Library/PowerPreviewProperties.cs b/src/settings-ui/Settings.UI.Library/PowerPreviewProperties.cs
@@ -81,6 +81,23 @@ public bool EnableMdPreview
             }
         }
 
+        private bool enableMdLocalImages;
+
+        [JsonPropertyName("md-previewer-local-images-setting")]
+        [JsonConverter(typeof(BoolPropertyJsonConverter))]
+        public bool EnableMdLocalImages
+        {
+            get => enableMdLocalImages;
+            set
+            {
+                if (value != enableMdLocalImages)
+                {
+                    LogTelemetryEvent(value);
+                    enableMdLocalImages = value;
+                }
+            }
+        }
+
         private bool enableMonacoPreview = true;
 
         [JsonPropertyName("monaco-previewer-toggle-setting")]
diff --git a/src/settings-ui/Settings.UI/SettingsXAML/Views/PowerPreviewPage.xaml b/src/settings-ui/Settings.UI/SettingsXAML/Views/PowerPreviewPage.xaml
@@ -132,7 +132,7 @@
                         </tkcontrols:SettingsExpander.Items>
                     </tkcontrols:SettingsExpander>
 
-                    <tkcontrols:SettingsCard
+                    <tkcontrols:SettingsExpander
                         Name="FileExplorerPreviewToggleSwitchPreviewMD"
                         x:Uid="FileExplorerPreview_ToggleSwitch_Preview_MD"
                         HeaderIcon="{ui:FontIcon Glyph=&#xE943;}"
@@ -141,7 +141,16 @@
                             x:Uid="ToggleSwitch"
                             IsEnabled="{x:Bind ViewModel.MDRenderIsGpoEnabled, Mode=OneWay, Converter={StaticResource BoolNegationConverter}}"
                             IsOn="{x:Bind ViewModel.MDRenderIsEnabled, Mode=TwoWay}" />
-                    </tkcontrols:SettingsCard>
+                        <tkcontrols:SettingsExpander.Items>
+                            <tkcontrols:SettingsCard
+                                x:Uid="FileExplorerPreview_ToggleSwitch_Preview_MD_LocalImages"
+                                IsEnabled="{x:Bind ViewModel.MDRenderIsEnabled, Mode=OneWay}">
+                                <ToggleSwitch
+                                    x:Uid="ToggleSwitch"
+                                    IsOn="{x:Bind ViewModel.MDLocalImagesIsEnabled, Mode=TwoWay}" />
+                            </tkcontrols:SettingsCard>
+                        </tkcontrols:SettingsExpander.Items>
+                    </tkcontrols:SettingsExpander>
 
                     <tkcontrols:SettingsCard
                         Name="FileExplorerPreviewToggleSwitchPreviewPDF"
diff --git a/src/settings-ui/Settings.UI/Strings/en-us/Resources.resw b/src/settings-ui/Settings.UI/Strings/en-us/Resources.resw
@@ -1012,6 +1012,12 @@ opera.exe</value>
     <value>.md, .markdown, .mdown, .mkdn, .mkd, .mdwn, .mdtxt, .mdtext</value>
     <comment>{Locked}</comment>
   </data>
+  <data name="FileExplorerPreview_ToggleSwitch_Preview_MD_LocalImages.Header" xml:space="preserve">
+    <value>Show local images</value>
+  </data>
+  <data name="FileExplorerPreview_ToggleSwitch_Preview_MD_LocalImages.Description" xml:space="preserve">
+    <value>Display images from the document's folder in Markdown preview. Only local files are allowed; remote URLs remain blocked.</value>
+  </data>
   <data name="FileExplorerPreview_ToggleSwitch_Preview_Monaco.Header" xml:space="preserve">
     <value>Source code files (Monaco)</value>
     <comment>File type, do not translate</comment>
diff --git a/src/settings-ui/Settings.UI/ViewModels/PowerPreviewViewModel.cs b/src/settings-ui/Settings.UI/ViewModels/PowerPreviewViewModel.cs
@@ -76,6 +76,8 @@ public PowerPreviewViewModel(ISettingsRepository<PowerPreviewSettings> moduleSet
                 _mdRenderIsEnabled = Settings.Properties.EnableMdPreview;
             }
 
+            _mdLocalImagesEnabled = Settings.Properties.EnableMdLocalImages;
+
             _monacoRenderEnabledGpoRuleConfiguration = GPOWrapper.GetConfiguredMonacoPreviewEnabledValue();
             if (_monacoRenderEnabledGpoRuleConfiguration == GpoRuleConfigured.Disabled || _monacoRenderEnabledGpoRuleConfiguration == GpoRuleConfigured.Enabled)
             {
@@ -254,6 +256,7 @@ public PowerPreviewViewModel(ISettingsRepository<PowerPreviewSettings> moduleSet
         private bool _mdRenderIsGpoEnabled;
         private bool _mdRenderIsGpoDisabled;
         private bool _mdRenderIsEnabled;
+        private bool _mdLocalImagesEnabled;
 
         private GpoRuleConfigured _monacoRenderEnabledGpoRuleConfiguration;
         private bool _monacoRenderEnabledStateIsGPOConfigured;
@@ -547,6 +550,24 @@ public bool MDRenderIsGpoDisabled
             }
         }
 
+        public bool MDLocalImagesIsEnabled
+        {
+            get
+            {
+                return _mdLocalImagesEnabled;
+            }
+
+            set
+            {
+                if (_mdLocalImagesEnabled != value)
+                {
+                    _mdLocalImagesEnabled = value;
+                    Settings.Properties.EnableMdLocalImages = value;
+                    RaisePropertyChanged();
+                }
+            }
+        }
+
         public bool MonacoRenderIsEnabled
         {
             get
