From 79d5b2c37f99bcfc8e86e8045557f0a0557f93c4 Mon Sep 17 00:00:00 2001
From: Wu Cheng-Han
Date: Sat, 26 Nov 2016 22:46:58 +0800
Subject: Fix slide might able to add unsafe attribute on section tag which cause XSS [Security Issue]
---
 public/js/render.js | 1 +
 1 file changed, 1 insertion(+)
(limited to 'public/js/render.js')
diff --git a/public/js/render.js b/public/js/render.js
index 559530b0..a61fc8fb 100644
--- a/public/js/render.js
+++ b/public/js/render.js
@@ -1,5 +1,6 @@
 // allow some attributes
 var whiteListAttr = ['id', 'class', 'style'];
+window.whiteListAttr = whiteListAttr;
 // allow link starts with '.', '/' and custom protocol with '://'
 var linkRegex = /^([\w|-]+:\/\/)|^([\.|\/])+/;
 // allow data uri, from https://gist.github.com/bgrins/6194623
-- 
cgit v1.2.3
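Review bot: The added `window.whiteListAttr = whiteListAttr;` publishes a reference to the same mutable array rather than a read-only copy, so any other script on the page that pushes to it widens the attribute allowlist for every consumer. Freezing the list where it is defined, `var whiteListAttr = Object.freeze(['id', 'class', 'style']);`, would keep the shared value fixed, provided nothing in the codebase extends it at runtime. The code that applies the list to slide `section` tags is not part of this patch (the diffstat is limited to public/js/render.js), so it cannot be confirmed here that attribute names are compared exactly and case-insensitively. Because `style` stays on the list, it is also worth confirming that the consumer filters the attribute's value, since inline CSS from an untrusted slide can still restyle or overlay the page even with script attributes removed.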