OpenCloud
/
riot-web
mirror of https://github.com/vector-im/riot-web
1
0
Fork 0
Code Issues Releases Wiki Activity

Document brokenness

pull/21833/head
David Baker 2016-09-21 16:25:18 +01:00
parent 8ae210cbe2
commit 5fff3bdf24
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/HtmlUtils.js
View File

@ -101,6 +101,10 @@ var sanitizeHtmlParams = {
selfClosing: [ 'img', 'br', 'hr', 'area', 'base', 'basefont', 'input', 'link', 'meta' ], selfClosing: [ 'img', 'br', 'hr', 'area', 'base', 'basefont', 'input', 'link', 'meta' ],
// URL schemes we permit // URL schemes we permit
allowedSchemes: [ 'http', 'https', 'ftp', 'mailto' ], allowedSchemes: [ 'http', 'https', 'ftp', 'mailto' ],
// DO NOT USE. sanitize-html allows all URL starting with '//'
// so this will always allow links to whatever scheme the
// host page is served over.
allowedSchemesByTag: {}, allowedSchemesByTag: {},
transformTags: { // custom to matrix transformTags: { // custom to matrix