Merge branch '30125-markdown-security' into 'security'

Remove class from SanitizationFilter whitelist See merge request !2079
author: Robert Speicher <robert@gitlab.com> 2017-04-02 20:39:41 +0300
committer: DJ Mountney <david@twkie.net> 2017-04-05 23:56:21 +0300
commit: cb2aefe0a5df73911fe9be92a9ed565a517d4e8b (patch)
tree: 83974833c4abe916308235fdf58db09a0d9c6f64 /changelogs
parent: 400da6df457ee29be839c1c454dfed91c27d9427 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/changelogs/unreleased/30125-markdown-security.yml b/changelogs/unreleased/30125-markdown-security.yml
new file mode 100644
index 00000000000..b766caf7d08
--- /dev/null
+++ b/changelogs/unreleased/30125-markdown-security.yml
@@ -0,0 +1,4 @@
+---
+title: Remove the class attribute from the whitelist for HTML generated from Markdown.
+merge_request:
+author:
author	Robert Speicher <robert@gitlab.com>	2017-04-02 20:39:41 +0300
committer	DJ Mountney <david@twkie.net>	2017-04-05 23:56:21 +0300
commit	cb2aefe0a5df73911fe9be92a9ed565a517d4e8b (patch)
tree	83974833c4abe916308235fdf58db09a0d9c6f64 /changelogs
parent	400da6df457ee29be839c1c454dfed91c27d9427 (diff)