Try to fix Broken Hyperlinks in Markdown to HTML conversion.

Thanks to xet7 ! Fixes #5932
3 months ago · bbbd3abf06
parent dd88483ec7
commit bbbd3abf06
1 changed files with 1 additions and 1 deletions
--- a/packages/markdown/src/secureDOMPurify.js
+++ b/packages/markdown/src/secureDOMPurify.js
@ -14,7 +14,7 @@ export function getSecureDOMPurifyConfig() {
    ],
    // Block dangerous attributes that can cause XSS and CSS injection
    FORBID_ATTR: [
-      'xlink:href', 'href', 'onload', 'onerror', 'onclick', 'onmouseover',
+      'xlink:href', 'onload', 'onerror', 'onclick', 'onmouseover',
      'onfocus', 'onblur', 'onchange', 'onsubmit', 'onreset', 'onselect',
      'onunload', 'onresize', 'onscroll', 'onkeydown', 'onkeyup', 'onkeypress',
      'onmousedown', 'onmouseup', 'onmouseover', 'onmouseout', 'onmousemove',