From 12c83a13c77eb9246e9bf94e112bb51494390905 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Wed, 5 Feb 2020 19:06:45 +0100 Subject: [PATCH] addressing false positive jsverify rngState 85f362db8950cea741 --- js/test/AttachmentViewer.js | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/js/test/AttachmentViewer.js b/js/test/AttachmentViewer.js index 0cf89a3..54ddfc1 100644 --- a/js/test/AttachmentViewer.js +++ b/js/test/AttachmentViewer.js @@ -88,7 +88,12 @@ describe('AttachmentViewer', function () { if (prefix.indexOf('').text((prefix + filename + postfix)).text(); } else { - result = prefix + $.PrivateBin.Helper.htmlEntities(filename) + postfix; + result = DOMPurify.sanitize( + prefix + $.PrivateBin.Helper.htmlEntities(filename) + postfix, { + ALLOWED_TAGS: ['a', 'i', 'span'], + ALLOWED_ATTR: ['href', 'id'] + } + ); } if (filename.length) { results.push(