From ab04ef4f0cb2a04836eaa4a5aabe90ab55e1a3d5 Mon Sep 17 00:00:00 2001
From: Nazar Kanaev <nkanaev@live.com>
Date: Sat, 15 Aug 2020 13:46:01 +0100
Subject: [PATCH] sanitizer forbid

---
 template/static/javascripts/app.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/template/static/javascripts/app.js b/template/static/javascripts/app.js
index 00b9f40..8830a6a 100644
--- a/template/static/javascripts/app.js
+++ b/template/static/javascripts/app.js
@@ -37,7 +37,7 @@ var sanitize = function(content, base) {
     if (node.attributes.src && node.attributes.src.value)
       node.src = new URL(node.attributes.src.value, base).toString()
   })
-  return sanitizer.sanitize(content)
+  return sanitizer.sanitize(content, {FORBID_TAGS: ['style'], FORBID_ATTR: ['style', 'class']})
 }
 
 Vue.directive('scroll', {