diff options
| author | Benedict Etzel <developer@beheh.de> | 2016-01-22 13:47:14 +0100 |
|---|---|---|
| committer | Benedict Etzel <developer@beheh.de> | 2016-01-23 20:38:06 +0100 |
| commit | 6435f78a8c66be92613c3a8ea4ec8171d0c38fea (patch) | |
| tree | fe633fc0e6bfcb481e196616105b654dbda85877 /lib | |
| parent | dc78ee4e8b4911edf04949e2aa036997623d60ae (diff) | |
| download | gitlab-ce-6435f78a8c66be92613c3a8ea4ec8171d0c38fea.tar.gz | |
Whitelist raw "abbr" elements when parsing Markdown
Closes #12517
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/banzai/filter/sanitization_filter.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb index 3f49d492f2f..d1e11eedec3 100644 --- a/lib/banzai/filter/sanitization_filter.rb +++ b/lib/banzai/filter/sanitization_filter.rb @@ -43,6 +43,10 @@ module Banzai # Allow span elements whitelist[:elements].push('span') + # Allow abbr elements with title attribute + whitelist[:elements].push('abbr') + whitelist[:attributes]['abbr'] = %w(title) + # Allow any protocol in `a` elements... whitelist[:protocols].delete('a') |