parent
dc78ee4e8b
commit
6435f78a8c
|
@ -6,6 +6,7 @@ v 8.5.0 (unreleased)
|
|||
- Upgrade gitlab_git to 7.2.23 to fix commit message mentions in first branch push
|
||||
- New UI for pagination
|
||||
- Fix diff comments loaded by AJAX to load comment with diff in discussion tab
|
||||
- Whitelist raw "abbr" elements when parsing Markdown (Benedict Etzel)
|
||||
|
||||
v 8.4.0
|
||||
- Allow LDAP users to change their email if it was not set by the LDAP server
|
||||
|
|
|
@ -43,6 +43,10 @@ module Banzai
|
|||
# Allow span elements
|
||||
whitelist[:elements].push('span')
|
||||
|
||||
# Allow abbr elements with title attribute
|
||||
whitelist[:elements].push('abbr')
|
||||
whitelist[:attributes]['abbr'] = %w(title)
|
||||
|
||||
# Allow any protocol in `a` elements...
|
||||
whitelist[:protocols].delete('a')
|
||||
|
||||
|
|
|
@ -75,6 +75,11 @@ describe Banzai::Filter::SanitizationFilter, lib: true do
|
|||
expect(filter(act).to_html).to eq exp
|
||||
end
|
||||
|
||||
it 'allows `abbr` elements' do
|
||||
exp = act = %q{<abbr title="HyperText Markup Language">HTML</abbr>}
|
||||
expect(filter(act).to_html).to eq exp
|
||||
end
|
||||
|
||||
it 'removes `rel` attribute from `a` elements' do
|
||||
act = %q{<a href="#" rel="nofollow">Link</a>}
|
||||
exp = %q{<a href="#">Link</a>}
|
||||
|
|
Loading…
Reference in New Issue