From 3eed51dbacf8e1355eead639775234dad48e1750 Mon Sep 17 00:00:00 2001
From: boredomh1 <7559492+joaoh1@users.noreply.github.com>
Date: Thu, 21 Jan 2021 18:40:09 -0300
Subject: [PATCH] Fix summary tags being always escaped by XSS (#84)

* Fix summary tags being removed by XSS

* Follow falseresync's suggestion

Co-authored-by: joaoh1 <joaoh1@users.noreply.github.com>
---
 plugins/compiled-markdown-directive.js | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/plugins/compiled-markdown-directive.js b/plugins/compiled-markdown-directive.js
index dede88809..b27ecd32e 100644
--- a/plugins/compiled-markdown-directive.js
+++ b/plugins/compiled-markdown-directive.js
@@ -2,8 +2,17 @@ import Vue from 'vue'
 import xss from 'xss'
 import marked from 'marked'
 
+const options = {
+  whiteList: {
+    ...xss.whiteList,
+    summary: [],
+  },
+}
+
+const configuredXss = new xss.FilterXSS(options)
+
 function compileMarkdown(target, markdown) {
-  target.innerHTML = xss(marked(markdown))
+  target.innerHTML = configuredXss.process(marked(markdown))
 }
 
 Vue.directive('compiled-markdown', {