diff options
Diffstat (limited to 'app/assets/javascripts/lib/dompurify.js')
-rw-r--r-- | app/assets/javascripts/lib/dompurify.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/assets/javascripts/lib/dompurify.js b/app/assets/javascripts/lib/dompurify.js index 47ede8cb1bb..47568f0ecff 100644 --- a/app/assets/javascripts/lib/dompurify.js +++ b/app/assets/javascripts/lib/dompurify.js @@ -3,7 +3,7 @@ import { getNormalizedURL, getBaseURL, relativePathToAbsolute } from '~/lib/util const defaultConfig = { // Safely allow SVG <use> tags - ADD_TAGS: ['use', 'gl-emoji'], + ADD_TAGS: ['use', 'gl-emoji', 'copy-code'], // Prevent possible XSS attacks with data-* attributes used by @rails/ujs // See https://gitlab.com/gitlab-org/gitlab-ui/-/issues/1421 FORBID_ATTR: ['data-remote', 'data-url', 'data-type', 'data-method'], |