Age | Commit message (Collapse) | Author |
|
Fixes #1367
|
|
hrefs (#1334)
* fix exception when trying to serialize posts with <a> tags in them without hrefs
* Add tests
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
|
|
link is “safe”
|
|
Fixes #1281
|
|
Well, kinda, it's actually a bug from glitch-soc, but we will have to address it separately.
|
|
Conflicts:
- `Gemfile`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `Gemfile.lock`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `app/lib/sanitize_config.rb`:
Upstream added better unsupported link stripping,
while we had different sanitizing configs.
Took only upstream's link stripping code.
- `config/locales/simple_form.pl.yml`:
Strings unused in glitch-soc had been removed from
glitch-soc, reintroduced them even if they are not
useful, to reduce the risk of later merge conflicts.
|
|
- Disallow links with relative paths
- Disallow iframes with non-http protocols and relative paths
Close #13037
|
|
|
|
* Add test
* Fix code for sanitizing nested lists stripping all tags
|
|
Conflicts:
- app/lib/sanitize_config.rb
Keep our version, we support the tags upstream transforms.
- package.json
- yarn.lock
|
|
Fix #10834
|