mirror of https://github.com/vector-im/riot-web
Disallow data attribute, we don't need it currently
parent
f9ee89b2f4
commit
96f5f92c7f
|
@ -153,7 +153,7 @@ const sanitizeHtmlParams = {
|
|||
allowedSchemes: ['http', 'https', 'ftp', 'mailto'],
|
||||
|
||||
allowedSchemesByTag: {
|
||||
img: [ 'data', 'mxc' ],
|
||||
img: ['mxc'],
|
||||
},
|
||||
allowProtocolRelative: false,
|
||||
|
||||
|
|
Loading…
Reference in New Issue