From cadb306b666d07e714d8734148f4aa2680d044f1 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Mon, 13 Sep 2021 18:08:45 +0100
Subject: [PATCH] Define strings outside of loop

---
 utils.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/utils.py b/utils.py
index d6d8795a4..1964b1863 100644
--- a/utils.py
+++ b/utils.py
@@ -825,6 +825,12 @@ def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool:
     """Returns true if the given content contains dangerous html markup
     """
     separators = (['<', '>'], ['&lt;', '&gt;'])
+    invalidStrings = (
+        'script', 'noscript',
+        'canvas', 'style', 'abbr',
+        'frame', 'iframe', 'html', 'body',
+        'hr', 'allow-popups', 'allow-scripts'
+    )
     for separatorStyle in separators:
         startChar = separatorStyle[0]
         endChar = separatorStyle[1]
@@ -836,10 +842,6 @@ def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool:
         invalidPartials = ()
         if not allowLocalNetworkAccess:
             invalidPartials = getLocalNetworkAddresses()
-        invalidStrings = ('script', 'noscript',
-                          'canvas', 'style', 'abbr',
-                          'frame', 'iframe', 'html', 'body',
-                          'hr', 'allow-popups', 'allow-scripts')
         for markup in contentSections:
             if endChar not in markup:
                 continue