From 2e8aa209f013d567bb3956a3e4201d3b2d63fe10 Mon Sep 17 00:00:00 2001
From: Robert Speicher <robert@gitlab.com>
Date: Sun, 2 Apr 2017 17:39:41 +0000
Subject: Merge branch '30125-markdown-security'

Remove class from SanitizationFilter whitelist

See merge request !2079
---
 lib/banzai/renderer/html.rb | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 lib/banzai/renderer/html.rb

(limited to 'lib/banzai/renderer')

diff --git a/lib/banzai/renderer/html.rb b/lib/banzai/renderer/html.rb
new file mode 100644
index 00000000000..252caa35947
--- /dev/null
+++ b/lib/banzai/renderer/html.rb
@@ -0,0 +1,13 @@
+module Banzai
+  module Renderer
+    class HTML < Redcarpet::Render::HTML
+      def block_code(code, lang)
+        lang_attr = lang ? %Q{ lang="#{lang}"} : ''
+
+        "\n<pre>" \
+          "<code#{lang_attr}>#{html_escape(code)}</code>" \
+        "</pre>"
+      end
+    end
+  end
+end
-- 
cgit v1.2.1