From 81eb3218b20ce00a6b14099219b3ed873ac3a138 Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Mon, 26 Jun 2017 11:27:30 -0400
Subject: [PATCH] FEATURE: used strict sanitizer by default

This amends it so sanitize always uses the most strict sanitizer
by default, if it needs to be "widened" to use more options then
you need to pass it more options.
---
 app/assets/javascripts/discourse/lib/text.js.es6       | 4 ++--
 app/assets/javascripts/pretty-text/white-lister.js.es6 | 8 +++++++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/app/assets/javascripts/discourse/lib/text.js.es6 b/app/assets/javascripts/discourse/lib/text.js.es6
index 172e4ac7d33..476ca3ea9ec 100644
--- a/app/assets/javascripts/discourse/lib/text.js.es6
+++ b/app/assets/javascripts/discourse/lib/text.js.es6
@@ -33,8 +33,8 @@ export function cookAsync(text, options) {
 }
 
 
-export function sanitize(text) {
-  return textSanitize(text, new WhiteLister(getOpts()));
+export function sanitize(text, options) {
+  return textSanitize(text, new WhiteLister(options));
 }
 
 function emojiOptions() {
diff --git a/app/assets/javascripts/pretty-text/white-lister.js.es6 b/app/assets/javascripts/pretty-text/white-lister.js.es6
index b48131f71e6..8c37cbd4798 100644
--- a/app/assets/javascripts/pretty-text/white-lister.js.es6
+++ b/app/assets/javascripts/pretty-text/white-lister.js.es6
@@ -14,12 +14,18 @@ function concatUniq(src, elems) {
 
 export default class WhiteLister {
   constructor(options) {
+    options = options || {
+      features: {
+        default: true
+      }
+    };
+
     options.features.default = true;
 
     this._featureKeys = Object.keys(options.features).filter(f => options.features[f]);
     this._key = this._featureKeys.join(':');
     this._features = options.features;
-    this._options = options||{};
+    this._options = {};
   }
 
   getCustom() {