Diffstat (limited to 'public/js')
-rw-r--r--public/js/render.js3
1 files changed, 2 insertions, 1 deletions
diff --git a/public/js/render.js b/public/js/render.js
index fada5899..18da145c 100644
--- a/public/js/render.js
+++ b/public/js/render.js
@@ -1,10 +1,11 @@
+var whiteListTag = ['style', '!--'];
var whiteListAttr = ['id', 'class', 'style'];
var filterXSSOptions = {
allowCommentTag: true,
onIgnoreTag: function (tag, html, options) {
// allow style in html
- if (tag === 'style') {
+ if (whiteListTag.indexOf(tag) !== -1) {
// do not filter its attributes
return html;
}