jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

#1932 disallow css urls

Browse Source
This commit is contained in:
Toks
2015-04-21 15:10:14 -04:00
parent e9af343161
commit 3a66e521fc
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/logical/d_text.rb
View File

@@ -322,7 +322,9 @@ class DText
"href" => ["http", "https", :relative]
}
},
:css => Sanitize::Config::RELAXED[:css]
:css => Sanitize::Config::RELAXED[:css].merge({
:protocols => []
})
)
end
end