From f491cdabc1dd82e93523ac0e156a669d9f37ba89 Mon Sep 17 00:00:00 2001
From: Wu Cheng-Han
Date: Tue, 14 Mar 2017 16:27:55 +0800
Subject: Fix rendering might result XSS attribute on self closing tag
 [Security Issue]

---
 public/js/index.js | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'public/js/index.js')

diff --git a/public/js/index.js b/public/js/index.js
index e672a68d..23e0f168 100644
--- a/public/js/index.js
+++ b/public/js/index.js
@@ -42,6 +42,7 @@ import {
     deduplicatedHeaderId,
     exportToHTML,
     exportToRawHTML,
+    removeDOMEvents,
     finishView,
     generateToc,
     isValidURL,
@@ -3374,6 +3375,7 @@ function updateViewInner () {
     if (result && lastResult && result.length !== lastResult.length) { updateDataAttrs(result, ui.area.markdown.children().toArray()) }
     lastResult = $(result).clone()
   }
+  removeDOMEvents(ui.area.markdown)
   finishView(ui.area.markdown)
   autoLinkify(ui.area.markdown)
   deduplicatedHeaderId(ui.area.markdown)
-- 
cgit v1.2.3