From ed2c917177689ce0f2fd23cbf157125365075651 Mon Sep 17 00:00:00 2001 From: Carlos B <4706739+cjba7@users.noreply.github.com> Date: Mon, 9 Jan 2023 10:00:57 +0100 Subject: [PATCH 1/2] Added "fax" and "modem" to acceptable protocols based on rfc2806. --- lib/loofah/html5/safelist.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/loofah/html5/safelist.rb b/lib/loofah/html5/safelist.rb index fe17913..ae194fe 100644 --- a/lib/loofah/html5/safelist.rb +++ b/lib/loofah/html5/safelist.rb @@ -982,6 +982,7 @@ module SafeList "callto", "data", "ed2k", + "fax", "feed", "ftp", "gopher", @@ -990,6 +991,7 @@ module SafeList "irc", "line", "mailto", + "modem", "news", "nntp", "rsync", From b0e6f7c158d85d3d1352983f9e0ad8654967054c Mon Sep 17 00:00:00 2001 From: Mike Dalessio Date: Tue, 10 Jan 2023 15:53:24 -0500 Subject: [PATCH 2/2] doc: update CHANGELOG [skip ci] --- CHANGELOG.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f083c3..3869dc9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,9 @@ ### Features -* Allow SVG attributes `color-profile`, `cursor`, `filter`, `marker`, and `mask`. -* Allow SVG elements `altGlyph`, `cursor`, `feImage`, `pattern`, and `tref`. +* Allow SVG attributes `color-profile`, `cursor`, `filter`, `marker`, and `mask`. [[#246](https://github.com/flavorjones/loofah/issues/246)] +* Allow SVG elements `altGlyph`, `cursor`, `feImage`, `pattern`, and `tref`. [[#246](https://github.com/flavorjones/loofah/issues/246)] +* Allow protovols `fax` and `modem`. [[#255](https://github.com/flavorjones/loofah/issues/255)] (Thanks, [@cjba7](https://github.com/cjba7)!) ## 2.19.1 / 2022-12-13