feat: markdown sanitization of form tag (#7146)

Tim Lai
2021-03-31 11:03:57 -07:00
committed by GitHub
parent 4abbc62b87
commit f5b84e59ce
2 changed files with 13 additions and 1 deletions


@@ -68,7 +68,7 @@ export function sanitizer(str, { useUnsafeMarkdown = false } = {}) {
return DomPurify.sanitize(str, {
ADD_ATTR: ["target"],
FORBID_TAGS: ["style"],
FORBID_TAGS: ["style", "form"],
ALLOW_DATA_ATTR,
FORBID_ATTR,
})
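Review bot: `FORBID_TAGS: ["style", "form"]` strips only the `<form>` wrapper; DOMPurify keeps the children of a removed element by default (`KEEP_CONTENT`), and `input`, `button`, `textarea` and `select` are on its default allow-list, so form controls written into a Markdown description would presumably still render, just without a form around them. If the goal is that rendered descriptions cannot present data-entry UI at all, the list should name those tags too, e.g. `FORBID_TAGS: ["style", "form", "input", "button", "textarea", "select"]`, backed by a test that asserts the sanitized output for a description containing them. A short comment above the option, such as `// forms in descriptions could collect user input inside trusted UI; forbidden even with useUnsafeMarkdown`, would record why the tag is blocked regardless of the flag. The body of `sanitizer` starts above the hunk, so how `ALLOW_DATA_ATTR` and `FORBID_ATTR` are derived is not visible here.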