#26790 whitelist style attribute in event_note
What does this MR do?
Whitelist style
attribute when sanitizing todo body.
Are there points in the code the reviewer needs to double check?
Tests: if they are in the appropriate file, and if they cover the proposed fix.
Why was this MR needed?
Fix #26790 (closed)
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master
(if it does - rebase it please) -
Squashed related commits together
What are the relevant issue numbers?
Closes #26790 (closed)
Rails::Html::WhiteListSanitizer.allowed_attributes
have default value the set. href src width height alt cite datetime title class name xml:lang abbr
[1].
So the call sanitize(text, tags: %w(a img b pre code p span))
was removing the style
attribute from the label span.
I've added style
attribute to the default set.