summaryrefslogtreecommitdiff
path: root/public/js/reveal-markdown.js
diff options
context:
space:
mode:
Diffstat (limited to 'public/js/reveal-markdown.js')
-rwxr-xr-x[-rw-r--r--]public/js/reveal-markdown.js5
1 files changed, 4 insertions, 1 deletions
diff --git a/public/js/reveal-markdown.js b/public/js/reveal-markdown.js
index ca22e09c..3c3e1f5b 100644..100755
--- a/public/js/reveal-markdown.js
+++ b/public/js/reveal-markdown.js
@@ -286,7 +286,10 @@
nodeValue = nodeValue.substring( 0, matches.index ) + nodeValue.substring( mardownClassesInElementsRegex.lastIndex );
node.nodeValue = nodeValue;
while( matchesClass = mardownClassRegex.exec( classes ) ) {
- elementTarget.setAttribute( matchesClass[1], matchesClass[2] );
+ var name = matchesClass[1];
+ var value = matchesClass[2];
+ if (name.substr(0, 5) === 'data-' || whiteListAttr.indexOf(name) !== -1)
+ elementTarget.setAttribute( name, filterXSS.escapeAttrValue(value) );
}
return true;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 03:48:03 +0000