Skip to content

Commit

Permalink
refactor($sanitize): remove <script> from valid block elements
Browse files Browse the repository at this point in the history
the script and style tag are explicitly blacklisted, so this doesn't change any functionality.
the change is done to improve code clarity.

Closes angular#12524
  • Loading branch information
IgorMinar authored and petebacondarwin committed Sep 18, 2015
1 parent a4dfa4d commit 2c22c57
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/ngSanitize/sanitize.js
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,7 @@ var optionalEndTagBlockElements = toMap("colgroup,dd,dt,li,p,tbody,td,tfoot,th,t
// Safe Block Elements - HTML5
var blockElements = angular.extend({}, optionalEndTagBlockElements, toMap("address,article," +
"aside,blockquote,caption,center,del,dir,div,dl,figure,figcaption,footer,h1,h2,h3,h4,h5," +
"h6,header,hgroup,hr,ins,map,menu,nav,ol,pre,script,section,table,ul"));
"h6,header,hgroup,hr,ins,map,menu,nav,ol,pre,section,table,ul"));

// Inline Elements - HTML5
var inlineElements = angular.extend({}, optionalEndTagInlineElements, toMap("a,abbr,acronym,b," +
Expand Down

0 comments on commit 2c22c57

Please sign in to comment.