From f09f4105ba32c753c10f48b97ca69948a4f18a95 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Mon, 11 Sep 2023 13:56:50 -0400
Subject: [PATCH] fix: nodebb/nodebb-plugin-link-preview#18, remove sup from
 allowedTags, add source + source attributes

---
 src/posts/parse.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/posts/parse.js b/src/posts/parse.js
index 944c1c2125..75747b3887 100644
--- a/src/posts/parse.js
+++ b/src/posts/parse.js
@@ -14,9 +14,8 @@ const utils = require('../utils');
 let sanitizeConfig = {
 	allowedTags: sanitize.defaults.allowedTags.concat([
 		// Some safe-to-use tags to add
-		'sup', 'ins', 'del', 'img', 'button',
-		'video', 'audio', 'iframe', 'embed',
-		// 'sup' still necessary until https://github.com/apostrophecms/sanitize-html/pull/422 merged
+		'ins', 'del', 'img', 'button',
+		'video', 'audio', 'source', 'iframe', 'embed',
 	]),
 	allowedAttributes: {
 		...sanitize.defaults.allowedAttributes,
@@ -25,6 +24,7 @@ let sanitizeConfig = {
 		iframe: ['height', 'name', 'src', 'width'],
 		video: ['autoplay', 'controls', 'height', 'loop', 'muted', 'poster', 'preload', 'src', 'width'],
 		audio: ['autoplay', 'controls', 'loop', 'muted', 'preload', 'src'],
+		source: ['type', 'src', 'srcset', 'sizes', 'media', 'height', 'width'],
 		embed: ['height', 'src', 'type', 'width'],
 	},
 	globalAttributes: ['accesskey', 'class', 'contenteditable', 'dir',