@optimiser/common 1.0.450 → 1.0.451
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/utility.js +15 -2
- package/package.json +1 -1
package/dist/lib/utility.js
CHANGED
|
@@ -5046,13 +5046,26 @@ function IsAnotherObjectField(pageData, fieldName) {
|
|
|
5046
5046
|
var CustomSanitizeHtml = function (dirtyHtml, uiDataType) {
|
|
5047
5047
|
var defaultOptions = {
|
|
5048
5048
|
allowedTags: __spreadArray(__spreadArray([], (sanitize_html_1.default.defaults.allowedTags || []), true), [
|
|
5049
|
-
'img'
|
|
5049
|
+
'img',
|
|
5050
|
+
'span'
|
|
5050
5051
|
], false),
|
|
5051
5052
|
allowedAttributes: {
|
|
5053
|
+
'*': ['class', 'style'], // allow class & style on all tags
|
|
5052
5054
|
img: ['src', 'alt', 'title', 'width', 'height'],
|
|
5053
5055
|
a: ['href', 'name', 'target']
|
|
5054
5056
|
},
|
|
5055
|
-
allowedSchemes: ['http', 'https', 'data'],
|
|
5057
|
+
allowedSchemes: ['http', 'https', 'data'],
|
|
5058
|
+
allowedStyles: {
|
|
5059
|
+
'*': {
|
|
5060
|
+
// Allow only safe CSS properties
|
|
5061
|
+
'color': [/^.*$/],
|
|
5062
|
+
'background-color': [/^.*$/],
|
|
5063
|
+
'text-align': [/^left$/, /^right$/, /^center$/, /^justify$/],
|
|
5064
|
+
'font-size': [/^\d+(?:px|em|rem|%)$/],
|
|
5065
|
+
'width': [/^\d+(?:px|%)$/],
|
|
5066
|
+
'height': [/^\d+(?:px|%)$/]
|
|
5067
|
+
}
|
|
5068
|
+
}
|
|
5056
5069
|
};
|
|
5057
5070
|
var sanitizeOptions = (uiDataType === 'texteditor') ? defaultOptions : {};
|
|
5058
5071
|
try {
|