diff options
Diffstat (limited to 'js/src')
| -rw-r--r-- | js/src/util/sanitizer.js | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/js/src/util/sanitizer.js b/js/src/util/sanitizer.js index af846a21e..5a07a67c1 100644 --- a/js/src/util/sanitizer.js +++ b/js/src/util/sanitizer.js @@ -16,8 +16,6 @@ const uriAttributes = new Set([ 'xlink:href' ]) -const ARIA_ATTRIBUTE_PATTERN = /^aria-[\w-]*$/i - /** * A pattern that recognizes a commonly useful subset of URLs that are safe. * @@ -48,6 +46,9 @@ const allowedAttribute = (attribute, allowedAttributeList) => { .some(regex => regex.test(attributeName)) } +// js-docs-start allow-list +const ARIA_ATTRIBUTE_PATTERN = /^aria-[\w-]*$/i + export const DefaultAllowlist = { // Global attributes allowed on any supplied element below. '*': ['class', 'dir', 'id', 'lang', 'role', ARIA_ATTRIBUTE_PATTERN], @@ -81,6 +82,7 @@ export const DefaultAllowlist = { u: [], ul: [] } +// js-docs-end allow-list export function sanitizeHtml(unsafeHtml, allowList, sanitizeFunction) { if (!unsafeHtml.length) { |
