diff --git a/js/privatebin.js b/js/privatebin.js index 371f70a2..01deba91 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -63,17 +63,17 @@ jQuery.PrivateBin = (function($) { /** * DOMpurify settings for HTML content, where only a strict subset is allowed. - * + * * NOTE: The key `USE_PROFILES` from {@see purifyHtmlConfig} needs to be excluded, * as otherwise `USE_PROFILES` takes precedence. * * @private */ - const purifyHtmlConfigStrictSubset { + const purifyHtmlConfigStrictSubset = { ALLOWED_URI_REGEXP: purifyHtmlConfig.ALLOWED_URI_REGEXP, ALLOWED_TAGS: ['a', 'i', 'span', 'kbd'], ALLOWED_ATTR: ['href', 'id'] - }) + }; /** * DOMpurify settings for SVG content @@ -977,7 +977,7 @@ jQuery.PrivateBin = (function($) { function isStringContainsHtml(messageId) { // message IDs are allowed to contain anchors, spans, keyboard and emphasis tags // we can recognize all of them by only checking for anchors and keyboard tags - return args[0].indexOf(' 'sha512-BYj4xggowR7QD150VLSTRlzH62YPfhpIM+b/1EUEr7RQpdWAGKulxWnOvjFx1FUlba4m6ihpNYuQab51H6XlYg==', 'js/legacy.js' => 'sha512-RQEo1hxpNc37i+jz/D9/JiAZhG8GFx3+SNxjYnI7jUgirDIqrCSj6QPAAZeaidditcWzsJ3jxfEj5lVm7ZwTRQ==', 'js/prettify.js' => 'sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==', - 'js/privatebin.js' => 'sha512-4kyDedBvdmfL+0OQcVMkHIAsf4TMW8/iuKyQfYJYfjxc6lPYwFiBQo7Qvy6sILRnKy6TJoK0KmTFDDi1p83vHA==', + 'js/privatebin.js' => 'sha512-yhkiWE2QOk8EfAbeu9U4DVuium56VOHrIrKetgSe0dGaw+Tqxar1m3eGSxW9JJ0pC2uvP2+m49VDZ8e7iaLGVQ==', 'js/purify-3.3.0.js' => 'sha512-lsHD5zxs4lu/NDzaaibe27Vd2t7Cy9JQ3qDHUvDfb4oZvKoWDNEhwUY+4bT3R68cGgpgCYp8U1x2ifeVxqurdQ==', 'js/showdown-2.1.0.js' => 'sha512-WYXZgkTR0u/Y9SVIA4nTTOih0kXMEd8RRV6MLFdL6YU8ymhR528NLlYQt1nlJQbYz4EW+ZsS0fx1awhiQJme1Q==', 'js/zlib-1.3.1-2.js' => 'sha512-4gT+v+BkBqdVBbKOO4qKGOAzuay+v1FmOLksS+bMgQ08Oo4xEb3X48Xq1Kv2b4HtiCQA7xq9dFRzxal7jmQI7w==',