Matrix/element-web-Github
1
0
Fork 0
mirror of https://github.com/vector-im/element-web.git synced 2024-11-18 06:35:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

Only transform <font>

Browse Source
This commit is contained in:
Luke Barnard 2017-01-11 16:41:05 +00:00
parent 8e3f2eb858
commit 32185befc0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/HtmlUtils.js
View File

@ -141,7 +141,7 @@ var sanitizeHtmlParams = {
attribs.rel = 'noopener'; // https://mathiasbynens.github.io/rel-noopener/
return { tagName: tagName, attribs : attribs };
},
'*': function(tagName, attribs) {
'font': function(tagName, attribs) {
// Only allow certain CSS attributes to avoid XSS attacks
// Sanitizing values to avoid `url(...)` and `expression(...)` attacks
if (!attribs.style) {