]> git.proxmox.com Git - proxmox-widget-toolkit.git/blobdiff - src/Parser.js
projects / proxmox-widget-toolkit.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
markdown: extend blocked tags in sanitizer
[proxmox-widget-toolkit.git] / src / Parser.js
diff --git a/src/Parser.js b/src/Parser.js
index fd148aa27f0ac997e3c063161d1d30a645ab7b84..779195fdb4a5a33b2111faf18e2d3b02bd81afb8 100644 (file)
--- a/src/Parser.js
+++ b/src/Parser.js
@@ -14,7 +14,9 @@ Ext.define('Proxmox.Markdown', {
        let _sanitize;
        _sanitize = (node) => {
            if (node.nodeType === 3) return;
-           if (node.nodeType !== 1 || /^(script|style|iframe|object|embed|svg)$/i.test(node.tagName)) {
+           if (node.nodeType !== 1 ||
+               /^(script|style|form|select|option|optgroup|map|area|canvas|textarea|applet|font|iframe|audio|video|object|embed|svg)$/i.test(node.tagName)
+           ) {
                // could do node.remove() instead, but it's nicer UX if we keep the (encoded!) html
                node.outerHTML = Ext.String.htmlEncode(node.outerHTML);
                return;
Proxmox ExtJS Helpers