scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-02-23 07:13:57 +08:00
Code Issues Projects Releases Packages Wiki Activity

Allow data attributes in html sanitization [SCI-8158] (#5159)

Browse source
This commit is contained in:
Alex Kriuchykhin 2023-03-16 18:17:18 +01:00 committed by GitHub
parent b5100269cc
commit bd670bb177
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
config/initializers/constants.rb
View file

@ -330,7 +330,9 @@ class Constants
).freeze
config = Sanitize::Config::RELAXED.deep_dup
config[:attributes]['a'] << 'id'
config[:attributes][:all] << 'id'
config[:attributes][:all] << 'contenteditable'
config[:attributes][:all] << :data
INPUT_SANITIZE_CONFIG = Sanitize::Config.freeze_config(config)
REPOSITORY_DEFAULT_PAGE_SIZE = 10