github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-18 10:02:32 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Remove some obscure HTML tags from sanitization

Browse Source
This commit is contained in:
Robin Ward
2014-06-24 11:03:45 -04:00
parent f0932a7de8
commit a7ad7f6a45
2 changed files with 2 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/javascripts/lib/markdown_test.js
View File

@ -365,6 +365,8 @@ test("sanitize", function() {
equal(sanitize("<textarea>hullo</textarea>"), "hullo");
equal(sanitize("<button>press me!</button>"), "press me!");
equal(sanitize("<canvas>draw me!</canvas>"), "draw me!");
equal(sanitize("<progress>hello"), "hello");
equal(sanitize("<mark>highlight</mark>"), "highlight");
cooked("[the answer](javascript:alert(42))", "<p><a>the answer</a></p>", "it prevents XSS");