Disallow data attribute, we don't need it currently

pull/21833/head
Luke Barnard 2017-07-10 15:44:41 +01:00
parent f9ee89b2f4
commit 96f5f92c7f
1 changed files with 1 additions and 1 deletions

View File

@ -153,7 +153,7 @@ const sanitizeHtmlParams = {
allowedSchemes: ['http', 'https', 'ftp', 'mailto'],
allowedSchemesByTag: {
img: [ 'data', 'mxc' ],
img: ['mxc'],
},
allowProtocolRelative: false,