commit 5c27885a2f35106dc7934b8e9c08986004ba0a58
parent 165e38050c81ee6700232527c72dec96000cdd2b
Author: default <nobody@localhost>
Date: Tue, 11 Feb 2025 18:45:52 +0100
In sanitize(), also accept attribute values between single quotes.
Diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/format.c b/format.c
@@ -458,7 +458,7 @@ xs_str *sanitize(const char *content)
if (valid_tags[i]) {
/* accepted tag: rebuild it with only the accepted elements */
- xs *el = xs_regex_select(v, "(src|href|rel|class|target)=\"[^\"]*\"");
+ xs *el = xs_regex_select(v, "(src|href|rel|class|target)=(\"[^\"]*\"|'[^']*')");
xs *s3 = xs_join(el, " ");
s2 = xs_fmt("<%s%s%s%s>",
