diff options
Diffstat (limited to '')
-rwxr-xr-x | public/js/reveal-markdown.js | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/public/js/reveal-markdown.js b/public/js/reveal-markdown.js index ca22e09c..3c3e1f5b 100755 --- a/public/js/reveal-markdown.js +++ b/public/js/reveal-markdown.js @@ -286,7 +286,10 @@ nodeValue = nodeValue.substring( 0, matches.index ) + nodeValue.substring( mardownClassesInElementsRegex.lastIndex ); node.nodeValue = nodeValue; while( matchesClass = mardownClassRegex.exec( classes ) ) { - elementTarget.setAttribute( matchesClass[1], matchesClass[2] ); + var name = matchesClass[1]; + var value = matchesClass[2]; + if (name.substr(0, 5) === 'data-' || whiteListAttr.indexOf(name) !== -1) + elementTarget.setAttribute( name, filterXSS.escapeAttrValue(value) ); } return true; } |