Show More
| @@ -92,11 +92,6 b' IPython.security = (function (IPython) {' | |||||
| 92 | }; |
|
92 | }; | |
| 93 |
|
93 | |||
| 94 | result.sanitized = caja.sanitizeWithPolicy(html, policy); |
|
94 | result.sanitized = caja.sanitizeWithPolicy(html, policy); | |
| 95 | // caja can strip whole elements without logging, |
|
|||
| 96 | // so double-check that node structure didn't change |
|
|||
| 97 | if (result.safe) { |
|
|||
| 98 | result.safe = cmp_tree($(result.sanitized), $(result.src)); |
|
|||
| 99 | } |
|
|||
| 100 | return result; |
|
95 | return result; | |
| 101 | }; |
|
96 | }; | |
| 102 |
|
97 | |||
| @@ -107,7 +102,14 b' IPython.security = (function (IPython) {' | |||||
| 107 |
|
102 | |||
| 108 | var is_safe = function (html) { |
|
103 | var is_safe = function (html) { | |
| 109 | // just return bool for whether an HTML string is safe |
|
104 | // just return bool for whether an HTML string is safe | |
| 110 |
|
|
105 | var result = sanitize(html); | |
|
|
106 | ||||
|
|
107 | // caja can strip whole elements without logging, | |||
|
|
108 | // so double-check that node structure didn't change | |||
|
|
109 | if (result.safe) { | |||
|
|
110 | result.safe = cmp_tree($(result.sanitized), $(html)); | |||
|
|
111 | } | |||
|
|
112 | return result.safe; | |||
| 111 | }; |
|
113 | }; | |
| 112 |
|
114 | |||
| 113 | return { |
|
115 | return { | |
General Comments 0
You need to be logged in to leave comments.
Login now