Improve SVG sanitizer to handle namespaced attributes (!4427) · Merge requests · GitLab.org / GitLab FOSS · GitLab

Gabriel Mazetto requested to merge bug/svg_sanitizer into master Jun 02, 2016

What does this MR do?

Small refactor in the SVG sanitizer
Enable already whitelisted namespaced attributes to be allowed
Disable xlink:hrefto reference any external resource

Fixes #18100 (closed) cc @stanhu

Are there points in the code the reviewer needs to double check?

Old code had no tests, this one adds minimal specs.

What are the relevant issue numbers?

#18100 (closed)

Screenshots (if relevant)

Before:

After: