starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-05-04 18:08:46 +03:00
Code Issues 784 Packages Projects Releases 15 Wiki Activity

Content: Updated filters to allow some required attributes

Browse Source 
- Allows target attribute on links.
- Allows custom mention attribute on links.

Adds test case to cover these.
For #6034
This commit is contained in:
Dan Brown
2026-02-23 08:07:41 +00:00
parent 80204518a2
commit 7aef0a48b3
2 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Util/ConfiguredHtmlPurifier.php
View File

@@ -71,6 +71,8 @@ class ConfiguredHtmlPurifier
$config->set('Core.AllowHostnameUnderscore', true);
$config->set('CSS.AllowTricky', true);
$config->set('HTML.SafeIframe', true);
$config->set('HTML.TargetNoopener', false);
$config->set('HTML.TargetNoreferrer', false);
$config->set('Attr.EnableID', true);
$config->set('Attr.ID.HTML5', true);
$config->set('Output.FixInnerHTML', false);
@@ -141,6 +143,12 @@ class ConfiguredHtmlPurifier
'drawio-diagram',
'Number',
);
// Allow target="_blank" on links
$definition->addAttribute('a', 'target', 'Enum#_blank');
// Allow mention-ids on links
$definition->addAttribute('a', 'data-mention-user-id', 'Number');
}
public function purify(string $html): string