Made Sanitizer-setup cleaner

diff --git a/modules/base/tool.go b/modules/base/tool.go
index c6522d1246123dcc735550fd7edbc8b9299fc129..f98ae28b93a3935034bdebfb8557ab5c228962dd 100644 (file)
--- a/modules/base/tool.go
+++ b/modules/base/tool.go
@@ -31,7 +31,16 @@ import (
        "github.com/gogits/gogs/modules/setting"
 )
 
-var Sanitizer = bluemonday.UGCPolicy().AllowAttrs("class").Matching(regexp.MustCompile(`[\p{L}\p{N}\s\-_',:\[\]!\./\\\(\)&]*`)).OnElements("code").AllowElements("input").AllowAttrs("type", "checked", "disabled").OnElements("input")
+func BuildSanitizer() (p *bluemonday.Policy) {
+       p = bluemonday.UGCPolicy()
+       p.AllowAttrs("class").Matching(regexp.MustCompile(`[\p{L}\p{N}\s\-_',:\[\]!\./\\\(\)&]*`)).OnElements("code")
+
+       p.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input")
+       p.AllowAttrs("checked", "disabled").OnElements("input")
+       return p
+}
+
+var Sanitizer = BuildSanitizer()
 
 // EncodeMD5 encodes string to md5 hex value.
 func EncodeMD5(str string) string {