From af76a5809e4771ef61d4ac6a8c18c64aac29ffa7 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 11 Dec 2020 10:02:23 +0000 Subject: [PATCH] Check for enabling scripts or popups --- content.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content.py b/content.py index ea41a40ff..dce84199e 100644 --- a/content.py +++ b/content.py @@ -166,7 +166,7 @@ def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool: invalidPartials = ('127.0.', '192.168', '10.0.') invalidStrings = ('script', 'canvas', 'style', 'abbr', 'frame', 'iframe', 'html', 'body', - 'hr') + 'hr', 'allow-popups', 'allow-scripts') for markup in contentSections: if '>' not in markup: continue