From e34bcd2296d4fa86699f89de79fd9927f0fcb2df Mon Sep 17 00:00:00 2001 From: Ben Gotow Date: Wed, 20 Dec 2017 10:23:17 -0700 Subject: [PATCH] Add all deprecated HTML attributes to sanitizer whitelist #260 https://www.codehelp.co.uk/html/deprecated.html --- app/src/services/sanitize-transformer.es6 | 13 ++++++++++++- mailsync | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/app/src/services/sanitize-transformer.es6 b/app/src/services/sanitize-transformer.es6 index ab905416b..07f877960 100644 --- a/app/src/services/sanitize-transformer.es6 +++ b/app/src/services/sanitize-transformer.es6 @@ -52,6 +52,8 @@ const Preset = { 'b', 'i', 'em', + 'u', + 's', 'strong', 'center', 'a', @@ -87,6 +89,7 @@ const Preset = { 'autocomplete', 'axis', 'border', + 'background', 'bgcolor', 'cellpadding', 'cellspacing', @@ -288,6 +291,7 @@ const Preset = { 'span', 'strong', 'style', + 'strike', 'sub', 'summary', 'sup', @@ -321,6 +325,7 @@ const Preset = { 'autocomplete', 'axis', 'border', + 'background', 'bgcolor', 'cellpadding', 'cellspacing', @@ -330,12 +335,14 @@ const Preset = { 'checked', 'classid', 'classname', - 'color', + 'clear', 'colspan', 'cols', + 'color', 'content', 'contextmenu', 'controls', + 'compact', 'coords', 'data', 'datetime', @@ -362,6 +369,7 @@ const Preset = { 'hreflang', 'htmlfor', 'httpequiv', + 'hspace', 'icon', 'id', 'label', @@ -383,6 +391,7 @@ const Preset = { 'name', 'novalidate', 'nowrap', + 'noshade', 'open', 'optimum', 'pattern', @@ -406,6 +415,7 @@ const Preset = { 'shape', 'size', 'sizes', + 'start', 'sortable', 'sorted', 'span', @@ -425,6 +435,7 @@ const Preset = { 'usemap', 'valign', 'value', + 'vspace', 'width', 'wmode', ]), diff --git a/mailsync b/mailsync index 74efffd5b..2ef27bddf 160000 --- a/mailsync +++ b/mailsync @@ -1 +1 @@ -Subproject commit 74efffd5bc25fce3552806c8d26216d23c6ba78b +Subproject commit 2ef27bddfc9554c0e86d919b1c6f257d652566f0