Merge branch 'rs-allow-name-on-anchors' into 'master'

Re-allow `name` attribute on user-provided anchor HTML Closes #38196 See merge request gitlab-org/gitlab-ce!14452
author: Douwe Maan <douwe@gitlab.com> 2017-09-25 07:49:43 +0000
committer: Douwe Maan <douwe@gitlab.com> 2017-09-25 07:49:43 +0000
commit: a183b529dc2a1b9345ec594578d1d54b777f9365 (patch)
tree: 8f8784d141384d0852c8255dfac1ad3cec3bb895 /lib
parent: 26f05621248c6155af196794239d80117f915a0c (diff)
parent: f6bc4403d2f83e5571a06af3ad0989422bf23c12 (diff)
download: gitlab-ce-a183b529dc2a1b9345ec594578d1d54b777f9365.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb
index 9923ec4e870..88b17e12576 100644
--- a/lib/banzai/filter/sanitization_filter.rb
+++ b/lib/banzai/filter/sanitization_filter.rb
@@ -45,8 +45,9 @@ module Banzai
         whitelist[:elements].push('abbr')
         whitelist[:attributes]['abbr'] = %w(title)
 
-        # Disallow `name` attribute globally
+        # Disallow `name` attribute globally, allow on `a`
         whitelist[:attributes][:all].delete('name')
+        whitelist[:attributes]['a'].push('name')
 
         # Allow any protocol in `a` elements...
         whitelist[:protocols].delete('a')
author	Douwe Maan <douwe@gitlab.com>	2017-09-25 07:49:43 +0000
committer	Douwe Maan <douwe@gitlab.com>	2017-09-25 07:49:43 +0000
commit	a183b529dc2a1b9345ec594578d1d54b777f9365 (patch)
tree	8f8784d141384d0852c8255dfac1ad3cec3bb895 /lib
parent	26f05621248c6155af196794239d80117f915a0c (diff)
parent	f6bc4403d2f83e5571a06af3ad0989422bf23c12 (diff)
download	gitlab-ce-a183b529dc2a1b9345ec594578d1d54b777f9365.tar.gz