scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-03-04 03:36:44 +08:00
Code Issues Projects Releases Packages Wiki Activity

Allow data attr in sanitize config [SCI-9464]

Browse source
This commit is contained in:
Ivan Kljun 2023-10-10 14:26:06 +02:00
parent 3cf3d799f6
commit d68d7af529
2 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/helpers/input_sanitize_helper.rb
View file

@ -36,7 +36,6 @@ module InputSanitizeHelper
# allow base64 images when sanitizing if base64_encoded_imgs is true
sanitizer_config = Constants::INPUT_SANITIZE_CONFIG.deep_dup
sanitizer_config[:protocols]['img']['src'] << 'data' if options.fetch(:base64_encoded_imgs, false)
text = sanitize_input(text, tags, sanitizer_config: sanitizer_config)
if text =~ SmartAnnotations::TagToHtml::USER_REGEX || text =~ SmartAnnotations::TagToHtml::REGEX

1
config/initializers/constants.rb
View file

@ -325,6 +325,7 @@ class Constants
config[:attributes][:all] << 'id'
config[:attributes][:all] << 'contenteditable'
config[:attributes][:all] << :data
config[:protocols]['img']['src'] << 'data'
INPUT_SANITIZE_CONFIG = Sanitize::Config.freeze_config(config)
REPOSITORY_DEFAULT_PAGE_SIZE = 10