Add latest changes from gitlab-org/security/gitlab@14-7-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-02-03 11:35:58 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-02-03 11:36:09 +0000
commit: eb25ac12499d70f7ebd59b64857e6901a5c32972 (patch)
tree: e6755949ec3f059fcbe5110213cea3d2ef07a506 /app/assets/javascripts
parent: 33bbb6aa7b6369fea0037f3d8a9243824e48f64f (diff)
download: gitlab-ce-eb25ac12499d70f7ebd59b64857e6901a5c32972.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/app/assets/javascripts/notebook/cells/output/html.vue b/app/assets/javascripts/notebook/cells/output/html.vue
index ca02ee18dd1..2d1d8845e41 100644
--- a/app/assets/javascripts/notebook/cells/output/html.vue
+++ b/app/assets/javascripts/notebook/cells/output/html.vue
@@ -30,6 +30,9 @@ export default {
   },
   safeHtmlConfig: {
     ADD_TAGS: ['use'], // to support icon SVGs
+    FORBID_TAGS: ['style'],
+    FORBID_ATTR: ['style'],
+    ALLOW_DATA_ATTR: false,
   },
 };
 </script>
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-02-03 11:35:58 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-02-03 11:36:09 +0000
commit	eb25ac12499d70f7ebd59b64857e6901a5c32972 (patch)
tree	e6755949ec3f059fcbe5110213cea3d2ef07a506 /app/assets/javascripts
parent	33bbb6aa7b6369fea0037f3d8a9243824e48f64f (diff)
download	gitlab-ce-eb25ac12499d70f7ebd59b64857e6901a5c32972.tar.gz