Merge pull request #1948 from riking/patch-3

Removing more stuff from the sanitizer whitelist
2024-11-23 03:16:41 +08:00 · 2014-02-19 12:30:56 -05:00 · 2014-02-19 12:30:56 -05:00 · 40585637fe
commit 40585637fe
parent d56b1b1c74 9f8f0f115c
1 changed files with 0 additions and 114 deletions
--- a/app/assets/javascripts/defer/html-sanitizer-bundle.js
+++ b/app/assets/javascripts/defer/html-sanitizer-bundle.js
@ -812,22 +812,6 @@ html4.ATTRIBS = {
  'a::tabindex': 0,
  'a::target': 10,
  'a::type': 0,
-  'area::accesskey': 0,
-  'area::alt': 0,
-  'area::coords': 0,
-  'area::href': 1,
-  'area::nohref': 0,
-  'area::onblur': 2,
-  'area::onfocus': 2,
-  'area::shape': 0,
-  'area::tabindex': 0,
-  'area::target': 10,
-  'audio::controls': 0,
-  'audio::loop': 0,
-  'audio::mediagroup': 5,
-  'audio::muted': 0,
-  'audio::preload': 0,
-  'audio::src': 1,
  'bdo::dir': 0,
  'blockquote::cite': 1,
  'br::clear': 0,
@ -844,13 +828,6 @@ html4.ATTRIBS = {
  'colgroup::span': 0,
  'colgroup::valign': 0,
  'colgroup::width': 0,
-  'command::checked': 0,
-  'command::command': 5,
-  'command::disabled': 0,
-  'command::icon': 1,
-  'command::label': 0,
-  'command::radiogroup': 0,
-  'command::type': 0,
  'data::value': 0,
  'del::cite': 1,
  'del::datetime': 0,
@ -858,20 +835,9 @@ html4.ATTRIBS = {
  'dir::compact': 0,
  'div::align': 0,
  'dl::compact': 0,
-  'fieldset::disabled': 0,
  'font::color': 0,
  'font::face': 0,
  'font::size': 0,
-  'form::accept': 0,
-  'form::action': 1,
-  'form::autocomplete': 0,
-  'form::enctype': 0,
-  'form::method': 0,
-  'form::name': 7,
-  'form::novalidate': 0,
-  'form::onreset': 2,
-  'form::onsubmit': 2,
-  'form::target': 10,
  'h1::align': 0,
  'h2::align': 0,
  'h3::align': 0,
@ -897,38 +863,8 @@ html4.ATTRIBS = {
  'img::ismap': 0,
  'img::name': 7,
  'img::src': 1,
-  'img::usemap': 11,
  'img::vspace': 0,
  'img::width': 0,
-  'input::accept': 0,
-  'input::accesskey': 0,
-  'input::align': 0,
-  'input::alt': 0,
-  'input::autocomplete': 0,
-  'input::checked': 0,
-  'input::disabled': 0,
-  'input::inputmode': 0,
-  'input::ismap': 0,
-  'input::list': 5,
-  'input::max': 0,
-  'input::maxlength': 0,
-  'input::min': 0,
-  'input::multiple': 0,
-  'input::name': 8,
-  'input::onblur': 2,
-  'input::onchange': 2,
-  'input::onfocus': 2,
-  'input::onselect': 2,
-  'input::placeholder': 0,
-  'input::readonly': 0,
-  'input::required': 0,
-  'input::size': 0,
-  'input::src': 1,
-  'input::step': 0,
-  'input::tabindex': 0,
-  'input::type': 0,
-  'input::usemap': 11,
-  'input::value': 0,
  'ins::cite': 1,
  'ins::datetime': 0,
  'label::accesskey': 0,
@ -939,10 +875,6 @@ html4.ATTRIBS = {
  'legend::align': 0,
  'li::type': 0,
  'li::value': 0,
-  'map::name': 7,
-  'menu::compact': 0,
-  'menu::label': 0,
-  'menu::type': 0,
  'meter::high': 0,
  'meter::low': 0,
  'meter::max': 0,
@ -952,30 +884,12 @@ html4.ATTRIBS = {
  'ol::reversed': 0,
  'ol::start': 0,
  'ol::type': 0,
-  'optgroup::disabled': 0,
-  'optgroup::label': 0,
-  'option::disabled': 0,
-  'option::label': 0,
-  'option::selected': 0,
-  'option::value': 0,
-  'output::for': 6,
-  'output::name': 8,
  'p::align': 0,
  'pre::width': 0,
  'progress::max': 0,
  'progress::min': 0,
  'progress::value': 0,
  'q::cite': 1,
-  'select::autocomplete': 0,
-  'select::disabled': 0,
-  'select::multiple': 0,
-  'select::name': 8,
-  'select::onblur': 2,
-  'select::onchange': 2,
-  'select::onfocus': 2,
-  'select::required': 0,
-  'select::size': 0,
-  'select::tabindex': 0,
  'source::type': 0,
  'track::default': 0,
  'track::kind': 0,
@ -983,15 +897,6 @@ html4.ATTRIBS = {
  'track::srclang': 0,
  'ul::compact': 0,
  'ul::type': 0,
-  'video::controls': 0,
-  'video::height': 0,
-  'video::loop': 0,
-  'video::mediagroup': 5,
-  'video::muted': 0,
-  'video::poster': 1,
-  'video::preload': 0,
-  'video::src': 1,
-  'video::width': 0
 };
 html4[ 'ATTRIBS' ] = html4.ATTRIBS;
 html4.eflags = {
@ -1011,14 +916,10 @@ html4.ELEMENTS = {
  'abbr': 0,
  'acronym': 0,
  'address': 0,
-  'applet': 272,
-  'area': 2,
  'article': 0,
  'aside': 0,
-  'audio': 0,
  'b': 0,
  'base': 274,
-  'basefont': 274,
  'bdi': 0,
  'bdo': 0,
  'big': 0,
@ -1030,9 +931,7 @@ html4.ELEMENTS = {
  'code': 0,
  'col': 2,
  'colgroup': 1,
-  'command': 2,
  'data': 0,
-  'datalist': 0,
  'dd': 1,
  'del': 0,
  'details': 0,
@ -1043,12 +942,9 @@ html4.ELEMENTS = {
  'dl': 0,
  'dt': 1,
  'em': 0,
-  'fieldset': 0,
  'figcaption': 0,
  'figure': 0,
  'font': 0,
-  'footer': 0,
-  'form': 0,
  'frame': 274,
  'frameset': 272,
  'h1': 0,
@ -1065,7 +961,6 @@ html4.ELEMENTS = {
  'i': 0,
  'iframe': 4,
  'img': 2,
-  'input': 2,
  'ins': 0,
  'isindex': 274,
  'kbd': 0,
@ -1074,10 +969,7 @@ html4.ELEMENTS = {
  'legend': 0,
  'li': 1,
  'link': 274,
-  'map': 0,
  'mark': 0,
-  'menu': 0,
-  'meta': 274,
  'meter': 0,
  'nav': 0,
  'nobr': 0,
@ -1086,9 +978,6 @@ html4.ELEMENTS = {
  'noscript': 276,
  'object': 272,
  'ol': 0,
-  'optgroup': 0,
-  'option': 1,
-  'output': 0,
  'p': 1,
  'param': 274,
  'pre': 0,
@ -1098,9 +987,7 @@ html4.ELEMENTS = {
  'samp': 0,
  'script': 84,
  'section': 0,
-  'select': 0,
  'small': 0,
-  'source': 2,
  'span': 0,
  'strike': 0,
  'strong': 0,
@ -1122,7 +1009,6 @@ html4.ELEMENTS = {
  'u': 0,
  'ul': 0,
  'var': 0,
-  'video': 0,
  'wbr': 2
 };
 html4[ 'ELEMENTS' ] = html4.ELEMENTS;