Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Enable Style/MultilineArrayBraceLayout | Douwe Maan | 2017-02-23 | 1 | -12/+13 |
| | |||||
* | Refactored SVG sanitizer | Gabriel Mazetto | 2016-06-12 | 1 | -24/+23 |
| | |||||
* | Refactor SVG sanitizer and prevent `xlink:href` to refer to external resources | Gabriel Mazetto | 2016-06-12 | 1 | -5/+15 |
| | |||||
* | Fix SVG whitelisting to allow namespaced attributes | Gabriel Mazetto | 2016-06-12 | 1 | -5/+18 |
| | |||||
* | Fix warning messages with SVG ALLOWED_ELEMENTS | Stan Hu | 2016-05-19 | 2 | -89/+89 |
| | | | | Eliminates "warning: already initialized constant Gitlab::Sanitizers::SVG::ALLOWED_ELEMENTS" | ||||
* | Update SVG sanitizer to conform to SVG 1.1 | Stan Hu | 2016-05-06 | 2 | -0/+144 |
Use a custom Loofah scrubber since sanitize 2.x transformers are inadequate to handle case-sensitive SVG attributes. sanitize parses documents as HTML instead of XML, which causes all SVG attribute names (e.g. viewBox) to be downcased. * SVG element list: https://www.w3.org/TR/SVG/eltindex.html * SVG attribute list: https://www.w3.org/TR/SVG/attindex.html Closes #14555 |