diff options
Diffstat (limited to 'client/src/app/core/renderer/html-renderer.service.ts')
-rw-r--r-- | client/src/app/core/renderer/html-renderer.service.ts | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/client/src/app/core/renderer/html-renderer.service.ts b/client/src/app/core/renderer/html-renderer.service.ts index 3176cf6a4..418d8603e 100644 --- a/client/src/app/core/renderer/html-renderer.service.ts +++ b/client/src/app/core/renderer/html-renderer.service.ts | |||
@@ -1,6 +1,6 @@ | |||
1 | import { Injectable } from '@angular/core' | 1 | import { Injectable } from '@angular/core' |
2 | import { LinkifierService } from './linkifier.service' | 2 | import { LinkifierService } from './linkifier.service' |
3 | import { SANITIZE_OPTIONS } from '@shared/core-utils/renderer/html' | 3 | import { getCustomMarkupSanitizeOptions, getSanitizeOptions } from '@shared/core-utils/renderer/html' |
4 | 4 | ||
5 | @Injectable() | 5 | @Injectable() |
6 | export class HtmlRendererService { | 6 | export class HtmlRendererService { |
@@ -20,7 +20,7 @@ export class HtmlRendererService { | |||
20 | }) | 20 | }) |
21 | } | 21 | } |
22 | 22 | ||
23 | async toSafeHtml (text: string) { | 23 | async toSafeHtml (text: string, additionalAllowedTags: string[] = []) { |
24 | const [ html ] = await Promise.all([ | 24 | const [ html ] = await Promise.all([ |
25 | // Convert possible markdown to html | 25 | // Convert possible markdown to html |
26 | this.linkifier.linkify(text), | 26 | this.linkifier.linkify(text), |
@@ -28,7 +28,11 @@ export class HtmlRendererService { | |||
28 | this.loadSanitizeHtml() | 28 | this.loadSanitizeHtml() |
29 | ]) | 29 | ]) |
30 | 30 | ||
31 | return this.sanitizeHtml(html, SANITIZE_OPTIONS) | 31 | const options = additionalAllowedTags.length !== 0 |
32 | ? getCustomMarkupSanitizeOptions(additionalAllowedTags) | ||
33 | : getSanitizeOptions() | ||
34 | |||
35 | return this.sanitizeHtml(html, options) | ||
32 | } | 36 | } |
33 | 37 | ||
34 | private async loadSanitizeHtml () { | 38 | private async loadSanitizeHtml () { |