author | Douwe Maan <douwe@gitlab.com> | 2017-08-30 20:34:34 +0300 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2017-09-08 03:22:16 +0300 |
commit | 9b09856e7b853146ac4ff03d388f7063e6f0efbd (patch) | |
tree | 07917aaf32abdeed859fe5357ab0912e696f914e /lib/banzai | |
parent | 8629d5822a1a7af5708ebb785982b25e0d2400bf (diff) |
Merge branch 'rs-issue-36104' into 'security-9-5'
[9.5] Disallow the `name` attribute on all user-provided markup
See merge request gitlab/gitlabhq!2166
Diffstat (limited to 'lib/banzai')
-rw-r--r-- | lib/banzai/filter/sanitization_filter.rb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb
index 768baa4e227..9923ec4e870 100644
--- a/lib/banzai/filter/sanitization_filter.rb
+++ b/lib/banzai/filter/sanitization_filter.rb
@@ -45,6 +45,9 @@ module Banzai
 whitelist[:elements].push('abbr')
 whitelist[:attributes]['abbr'] = %w(title)
+ # Disallow `name` attribute globally
+ whitelist[:attributes][:all].delete('name')
+
 # Allow any protocol in `a` elements...
 whitelist[:protocols].delete('a')
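Review bot: The added `whitelist[:attributes][:all].delete('name')` only removes `name` from the global attribute list, so the comment's "globally" holds only if no element-specific array in `whitelist[:attributes]` (such as the entries for `a`, `img`, or the `abbr` entry set two lines above) lists `name`; whether any does is not visible in this hunk, but a single line over every entry would make the intent unconditional: `whitelist[:attributes].each_value { |attrs| attrs.delete('name') }`. Because `delete` is silent when the value is absent, a spec that sanitizes `<a name="x">` and `<form name="x">` and asserts the attribute is gone would also guard against the sanitizer library re-adding `name` on upgrade. The comment should say why the attribute is dangerous so it is not re-allowed later, e.g. `# Disallow \`name\` globally: user-set \`name\` attributes can clobber DOM/window properties (DOM clobbering) in page scripts`. The enclosing method starts and ends outside this hunk.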