vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4

fix: match multiline scripts and styles

Browse source
This commit is contained in:
Faris Ansari 2020-09-15 14:30:41 +05:30
parent 12476fee42
commit 7e2fed4ed2
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frappe/public/js/frappe/dom.js
View file

@ -34,7 +34,7 @@ frappe.dom = {
},
remove_script_and_style: function(txt) {
const evil_tags = ["script", "style", "noscript", "title", "meta", "base", "head"];
const regex = new RegExp(evil_tags.map(tag => `<${tag}>.*<\\/${tag}>`).join('|'));
const regex = new RegExp(evil_tags.map(tag => `<${tag}>.*<\\/${tag}>`).join('|'), 's');
if (!regex.test(txt)) {
// no evil tags found, skip the DOM method entirely!
return txt;