Fix image injection for custom markup

author Chocobozzz <me@florianbigard.com>

Fri, 25 Jun 2021 13:10:39 +0000 (15:10 +0200)

committer Chocobozzz <me@florianbigard.com>

Fri, 25 Jun 2021 13:11:00 +0000 (15:11 +0200)
author Chocobozzz <me@florianbigard.com>
Fri, 25 Jun 2021 13:10:39 +0000 (15:10 +0200)
committer Chocobozzz <me@florianbigard.com>
Fri, 25 Jun 2021 13:11:00 +0000 (15:11 +0200)
diff --git a/shared/core-utils/renderer/html.ts b/shared/core-utils/renderer/html.ts

index bbf8b3fbd6531cc8222f6dcea821e66c57b76443..c9757be85e393a9edd870228a4993c4e7b42ce9b 100644 (file)
--- a/shared/core-utils/renderer/html.ts
+++ b/shared/core-utils/renderer/html.ts
@@ -30,11 +30,13 @@ export function getCustomMarkupSanitizeOptions (additionalAllowedTags: string[]
      allowedTags: [
        ...base.allowedTags,
        ...additionalAllowedTags,
-      'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6'
+      'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img'
      ],
      allowedSchemes: base.allowedSchemes,
      allowedAttributes: {
        ...base.allowedAttributes,
+
+      'img': [ 'src', 'alt' ],
        '*': [ 'data-*', 'style' ]
      }
    }
author	Chocobozzz <me@florianbigard.com>
	Fri, 25 Jun 2021 13:10:39 +0000 (15:10 +0200)
committer	Chocobozzz <me@florianbigard.com>
	Fri, 25 Jun 2021 13:11:00 +0000 (15:11 +0200)