diff options
author | mhasbini <mohammad.hasbini@gmail.com> | 2017-03-07 13:08:59 +0300 |
---|---|---|
committer | mhasbini <mohammad.hasbini@gmail.com> | 2017-03-07 13:08:59 +0300 |
commit | 9bcd05401d7de5620a241b3bf431f589f74ee6a5 (patch) | |
tree | 64cfd53b7ecd6d7862c9a0475eb5681f0eafd731 /app/helpers/events_helper.rb | |
parent | b696cbc5a095bcd9dff445b7579651a615977e3d (diff) |
whitelist style attribute in event_note
Diffstat (limited to 'app/helpers/events_helper.rb')
-rw-r--r-- | app/helpers/events_helper.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/helpers/events_helper.rb b/app/helpers/events_helper.rb index 362046c0270..5605393c0c3 100644 --- a/app/helpers/events_helper.rb +++ b/app/helpers/events_helper.rb @@ -162,7 +162,12 @@ module EventsHelper def event_note(text, options = {}) text = first_line_in_markdown(text, 150, options) - sanitize(text, tags: %w(a img b pre code p span)) + + sanitize( + text, + tags: %w(a img b pre code p span), + attributes: Rails::Html::WhiteListSanitizer.allowed_attributes + ['style'] + ) end def event_commit_title(message) |