deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Sanitize <svg:image>

Browse source 
This element is unsafe.
This commit is contained in:
Jacques Distler 2007-10-29 13:51:41 -05:00
parent 9c55037626
commit eca126f589
2 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
vendor/plugins/HTML5lib/lib/html5/sanitizer.rb vendored
View file

@ -33,7 +33,7 @@ module HTML5
SVG_ELEMENTS = %w[a animate animateColor animateMotion animateTransform SVG_ELEMENTS = %w[a animate animateColor animateMotion animateTransform
circle defs desc ellipse font-face font-face-name font-face-src g circle defs desc ellipse font-face font-face-name font-face-src g
glyph hkern image linearGradient line marker metadata missing-glyph glyph hkern linearGradient line marker metadata missing-glyph
mpath path polygon polyline radialGradient rect set stop svg switch mpath path polygon polyline radialGradient rect set stop svg switch
text title tspan use] text title tspan use]

7
vendor/plugins/HTML5lib/testdata/sanitizer/tests1.dat vendored
View file

@ -444,5 +444,12 @@
"rexml": "<rect fill=' '></rect>", "rexml": "<rect fill=' '></rect>",
"xhtml": "<rect fill=' '></rect>", "xhtml": "<rect fill=' '></rect>",
"output": "<rect fill=' '/>" "output": "<rect fill=' '/>"
},
{
"name": "allow_html5_image_tag",
"input": "<image src='foo' />",
"rexml": "&lt;image src=\"foo\"&gt;&lt;/image&gt;",
"output": "&lt;image src=\"foo\"/&gt;"
} }
] ]