aboutsummaryrefslogtreecommitdiff
path: root/plugins/base/routes.go
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/base/routes.go')
-rw-r--r--plugins/base/routes.go3
1 files changed, 3 insertions, 0 deletions
diff --git a/plugins/base/routes.go b/plugins/base/routes.go
index 02518cc..7b02f11 100644
--- a/plugins/base/routes.go
+++ b/plugins/base/routes.go
@@ -247,6 +247,9 @@ func handleGetPart(ctx *koushin.Context, raw bool) error {
isHTML := false
if strings.EqualFold(mimeType, "text/html") {
p := bluemonday.UGCPolicy()
+ // TODO: be more strict
+ p.AllowElements("style")
+ p.AllowAttrs("style")
body = p.Sanitize(body)
isHTML = true
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-19 06:47:12 +0000