diff options
| -rw-r--r-- | modules/markup/sanitizer.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/markup/sanitizer.go b/modules/markup/sanitizer.go index d135d41966..5158e67c2a 100644 --- a/modules/markup/sanitizer.go +++ b/modules/markup/sanitizer.go @@ -38,7 +38,7 @@ func NewSanitizer() { func ReplaceSanitizer() { sanitizer.policy = bluemonday.UGCPolicy() // We only want to allow HighlightJS specific classes for code blocks - sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`^language-\w+$`)).OnElements("code") + sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`^language-[\w-]+$`)).OnElements("code") // Checkboxes sanitizer.policy.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input") |