diff options
-rw-r--r-- | js/clipboard/external-apps-clipboard-agent.js | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/js/clipboard/external-apps-clipboard-agent.js b/js/clipboard/external-apps-clipboard-agent.js index 5a82314b..65410543 100644 --- a/js/clipboard/external-apps-clipboard-agent.js +++ b/js/clipboard/external-apps-clipboard-agent.js | |||
@@ -186,9 +186,10 @@ var ExternalAppsClipboardAgent = exports.ExternalAppsClipboardAgent = Montage.cr | |||
186 | sanitize : { | 186 | sanitize : { |
187 | value: function(data){ | 187 | value: function(data){ |
188 | data = data.replace(/\<meta [^>]+>/gi, ""); // Remove meta tags | 188 | data = data.replace(/\<meta [^>]+>/gi, ""); // Remove meta tags |
189 | data = data.replace(/\<script [^>]+>/g," "); // Remove script tags | 189 | data = data.replace(/\<script [^>]+>/g," "); // Remove script tags to prevenet script injection attack |
190 | data = data.replace(/\<link [^>]+>/g," "); // Remove script tags | 190 | data = data.replace(/\<link [^>]+>/g," "); // Remove link tags to prevent unwanted css files that may corrupt the stage |
191 | data = data.replace(/\<xml [^>]+>/g," "); // Remove script tags | 191 | data = data.replace(/\<xml [^>]+>/g," "); // Remove xml tags since it works only for IE browsers |
192 | data = data.replace(/\<iframe [^>]+>/g," "); // Remove iframe tags to prevent iframe injection attack | ||
192 | 193 | ||
193 | return data; | 194 | return data; |
194 | } | 195 | } |