marcel/excalidraw
1
0
Fork 0
mirror of https://github.com/excalidraw/excalidraw.git synced 2025-11-11 16:24:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: Gist embed allowing unsafe html (#7883)

Browse Source
This commit is contained in:
David Luzar
2024-04-12 12:57:43 +02:00
committed by GitHub
parent f597bd3e01
commit 0ae9b383d6
3 changed files with 27 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
packages/excalidraw/components/App.tsx
View File

@@ -1212,7 +1212,9 @@ class App extends React.Component<AppProps, AppState> {
title="Excalidraw Embedded Content"
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
allowFullScreen={true}
sandbox="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-presentation allow-downloads"
sandbox={`${
src?.sandbox?.allowSameOrigin ? "allow-same-origin" : ""
} allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-presentation allow-downloads`}
/>
)}
</div>