tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-11-03 21:08:25 +00:00
Code Releases Activity

add regexp to restrict <code class=""></code>

Browse Source
This commit is contained in:
Hongcai Deng
2015-09-10 09:06:09 +08:00
parent 357c002c03
commit e4d4662074
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
modules/base/tool.go
View File

@@ -15,6 +15,7 @@ import (
"hash" "hash"
"html/template" "html/template"
"math" "math"
"regexp"
"strings" "strings"
"time" "time"
@@ -26,11 +27,8 @@ import (
"github.com/gogits/gogs/modules/setting" "github.com/gogits/gogs/modules/setting"
) )
var Sanitizer = bluemonday.UGCPolicy() var Sanitizer = bluemonday.UGCPolicy().AllowAttrs("class").Matching(regexp.MustCompile(`[\p{L}\p{N}\s\-_',:\[\]!\./\\\(\)&]*`)).OnElements("code")
func init() {
Sanitizer.AllowAttrs("class").OnElements("code")
}
// Encode string to md5 hex value. // Encode string to md5 hex value.
func EncodeMd5(str string) string { func EncodeMd5(str string) string {