summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKoosha Khajeh Moogahi <koosha.khajeh@gmail.com>2012-06-26 19:02:41 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-06-26 19:02:41 +0200
commitba4d5480583f91c5d92e1117a21997c0239f6a21 (patch)
tree7742d77f07528d59a6015291fe4071d42e3ec9e7
parentc988473afb34914f8fb47d5b49711ccd6ec3fdbd (diff)
downloadbugzilla-ba4d5480583f91c5d92e1117a21997c0239f6a21.tar.gz
bugzilla-ba4d5480583f91c5d92e1117a21997c0239f6a21.tar.xz
Bug 635882: html_light_quote() should accept the "target" attribute for links
r/a=LpSolit
-rw-r--r--Bugzilla/Util.pm13
1 files changed, 7 insertions, 6 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 9e2e1fecd..810c6972f 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -136,12 +136,13 @@ sub html_light_quote {
# Specific rules for allowed elements. If no specific rule is set
# for a given element, then the default is used.
my @rules = (a => {
- href => $protocol_regexp,
- title => 1,
- id => 1,
- name => 1,
- class => 1,
- '*' => 0, # Reject all other attributes.
+ href => $protocol_regexp,
+ target => qr{^(?:_blank|_parent|_self|_top)$}i,
+ title => 1,
+ id => 1,
+ name => 1,
+ class => 1,
+ '*' => 0, # Reject all other attributes.
},
blockquote => {
cite => $protocol_regexp,