Skip to content

Commit a1a2fdd

Browse files
appinteractiveappinteractive
committed
added blockquote to html tag whitelist
1 parent c561c48 commit a1a2fdd

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

server/hooks/xss.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ const _ = require('lodash');
33

44
function clean (dirty) {
55
dirty = sanitizeHtml(dirty, {
6-
allowedTags: ['iframe', 'img', 'p', 'br', 'b', 'i', 'em', 'strong', 'a', 'pre', 'ul', 'li', 'ol', 'span'],
6+
allowedTags: ['iframe', 'img', 'p', 'br', 'b', 'i', 'em', 'strong', 'a', 'pre', 'ul', 'li', 'ol', 'span', 'blockquote'],
77
allowedAttributes: {
88
a: ['href', 'target', 'data-*'],
99
img: [ 'src' ],

0 commit comments

Comments
 (0)