From 63a998ceb770b48e2e59014f8c84fb777a158aba Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Tue, 30 May 2017 17:37:13 +0100 Subject: [PATCH] Allow span... --- src/languageHandler.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/languageHandler.js b/src/languageHandler.js index 0564f6ca29..961838b770 100644 --- a/src/languageHandler.js +++ b/src/languageHandler.js @@ -86,7 +86,7 @@ export function _tJsx(jsxText, patterns, subs) { // tJsxText may be unsafe if malicious translators try to inject HTML. // Run this through sanitize-html and bail if the output isn't identical const tJsxText = _t(jsxText); - const sanitized = sanitizeHtml(tJsxText); + const sanitized = sanitizeHtml(tJsxText, { allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'span' ]) }); if (tJsxText !== sanitized) { throw new Error(`_tJsx: translator error. untrusted HTML supplied. '${tJsxText}' != '${sanitized}'`); }