aboutsummaryrefslogtreecommitdiffhomepage
path: root/shared/core-utils
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2021-06-25 15:10:39 +0200
committerChocobozzz <me@florianbigard.com>2021-06-25 15:11:00 +0200
commit0d25c5941466d824e0840b0381e368736f813d51 (patch)
tree7d4c5bb9d61e41cb0142307b5b3be34912955e7c /shared/core-utils
parent2370d9cc4af1a91855f0891a8a94da0455ebd724 (diff)
downloadPeerTube-0d25c5941466d824e0840b0381e368736f813d51.tar.gz
PeerTube-0d25c5941466d824e0840b0381e368736f813d51.tar.zst
PeerTube-0d25c5941466d824e0840b0381e368736f813d51.zip
Fix image injection for custom markup
Diffstat (limited to 'shared/core-utils')
-rw-r--r--shared/core-utils/renderer/html.ts4
1 files changed, 3 insertions, 1 deletions
diff --git a/shared/core-utils/renderer/html.ts b/shared/core-utils/renderer/html.ts
index bbf8b3fbd..c9757be85 100644
--- a/shared/core-utils/renderer/html.ts
+++ b/shared/core-utils/renderer/html.ts
@@ -30,11 +30,13 @@ export function getCustomMarkupSanitizeOptions (additionalAllowedTags: string[]
30 allowedTags: [ 30 allowedTags: [
31 ...base.allowedTags, 31 ...base.allowedTags,
32 ...additionalAllowedTags, 32 ...additionalAllowedTags,
33 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6' 33 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img'
34 ], 34 ],
35 allowedSchemes: base.allowedSchemes, 35 allowedSchemes: base.allowedSchemes,
36 allowedAttributes: { 36 allowedAttributes: {
37 ...base.allowedAttributes, 37 ...base.allowedAttributes,
38
39 'img': [ 'src', 'alt' ],
38 '*': [ 'data-*', 'style' ] 40 '*': [ 'data-*', 'style' ]
39 } 41 }
40 } 42 }