From d68d7af529db8b1fb4e6fa920315c3aa1c937327 Mon Sep 17 00:00:00 2001
From: Ivan Kljun <ivan@scinote.net>
Date: Tue, 10 Oct 2023 14:26:06 +0200
Subject: [PATCH] Allow data attr in sanitize config [SCI-9464]

---
 app/helpers/input_sanitize_helper.rb | 1 -
 config/initializers/constants.rb     | 1 +
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/helpers/input_sanitize_helper.rb b/app/helpers/input_sanitize_helper.rb
index 2dfc2ae00..860d76479 100644
--- a/app/helpers/input_sanitize_helper.rb
+++ b/app/helpers/input_sanitize_helper.rb
@@ -36,7 +36,6 @@ module InputSanitizeHelper
 
     # allow base64 images when sanitizing if base64_encoded_imgs is true
     sanitizer_config = Constants::INPUT_SANITIZE_CONFIG.deep_dup
-    sanitizer_config[:protocols]['img']['src'] << 'data' if options.fetch(:base64_encoded_imgs, false)
     text = sanitize_input(text, tags, sanitizer_config: sanitizer_config)
 
     if text =~ SmartAnnotations::TagToHtml::USER_REGEX || text =~ SmartAnnotations::TagToHtml::REGEX
diff --git a/config/initializers/constants.rb b/config/initializers/constants.rb
index 622a36add..6c37ab4c8 100644
--- a/config/initializers/constants.rb
+++ b/config/initializers/constants.rb
@@ -325,6 +325,7 @@ class Constants
   config[:attributes][:all] << 'id'
   config[:attributes][:all] << 'contenteditable'
   config[:attributes][:all] << :data
+  config[:protocols]['img']['src'] << 'data'
   INPUT_SANITIZE_CONFIG = Sanitize::Config.freeze_config(config)
 
   REPOSITORY_DEFAULT_PAGE_SIZE = 10