allow styles on any element when sanitizing html - fixes #538

this applies to instance description and server rules
author: dakkar <dakkar@thenautilus.net> 2025-01-18 11:19:36 +0000
committer: dakkar <dakkar@thenautilus.net> 2025-01-18 11:19:36 +0000
commit: 9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0 (patch)
tree: da414fefec2ffc60744a639c722d393d6114e7c1 /packages/frontend/src/scripts
parent: merge: attribute invite codes to admins/moderators (!858) (diff)
download: sharkey-9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0.tar.gz
sharkey-9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0.tar.bz2
sharkey-9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/packages/frontend/src/scripts/sanitize-html.ts b/packages/frontend/src/scripts/sanitize-html.ts
index 6e1a46c746..fc9db9bbdb 100644
--- a/packages/frontend/src/scripts/sanitize-html.ts
+++ b/packages/frontend/src/scripts/sanitize-html.ts
@@ -13,6 +13,7 @@ export default function sanitizeHtml(str: string | null): string | null {
 			...original.defaults.allowedAttributes,
 			a: original.defaults.allowedAttributes.a.concat(['style']),
 			img: original.defaults.allowedAttributes.img.concat(['style']),
+			'*': (original.defaults.allowedAttributes['*'] || []).concat(['style']),
 		},
 	});
 }
author	dakkar <dakkar@thenautilus.net>	2025-01-18 11:19:36 +0000
committer	dakkar <dakkar@thenautilus.net>	2025-01-18 11:19:36 +0000
commit	9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0 (patch)
tree	da414fefec2ffc60744a639c722d393d6114e7c1 /packages/frontend/src/scripts
parent	merge: attribute invite codes to admins/moderators (!858) (diff)
download	sharkey-9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0.tar.gz sharkey-9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0.tar.bz2 sharkey-9d6504c2ecb71051a68ae5e2c74552b4aee1a6f0.zip