]> cat aescling's git repositories - mastodon.git/commitdiff
cat aescling's git repositories / mastodon.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fe8c696)
Add `sandbox` attribute to preview card iframes
authorClaire <claire.github-309c@sitedethib.com>
Wed, 7 Jun 2023 09:08:38 +0000 (11:08 +0200)
committerClaire <claire.github-309c@sitedethib.com>
Thu, 6 Jul 2023 13:43:16 +0000 (15:43 +0200)
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
lib/sanitize_ext/sanitize_config.rb patch | blob | history

diff --git a/lib/sanitize_ext/sanitize_config.rb b/lib/sanitize_ext/sanitize_config.rb
index d894ab4fa83b5abf29758e1b8158b2202ae9e8b1..8479458cffe2ea833a3347a73657b589fc054b27 100644 (file)
--- a/lib/sanitize_ext/sanitize_config.rb
+++ b/lib/sanitize_ext/sanitize_config.rb
@@ -130,6 +130,10 @@ class Sanitize
         'embed'  => { 'src' => HTTP_PROTOCOLS },
         'iframe' => { 'src' => HTTP_PROTOCOLS },
         'source' => { 'src' => HTTP_PROTOCOLS },
+      },
+
+      add_attributes: {
+        'iframe' => { 'sandbox' => 'allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-forms' },
       }
     )
 
source code fur Kibicat Mastodon