From 037822b994db3ef879276c44d3b9d6830ad66c82 Mon Sep 17 00:00:00 2001
From: Regev Brody <regevbr@gmail.com>
Date: Mon, 8 Jun 2020 02:23:33 +0300
Subject: [PATCH] fix: secure html module removes target attribute from links
 (#2012)

---
 server/modules/rendering/html-security/renderer.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/modules/rendering/html-security/renderer.js b/server/modules/rendering/html-security/renderer.js
index 567fd886..9f7484ca 100644
--- a/server/modules/rendering/html-security/renderer.js
+++ b/server/modules/rendering/html-security/renderer.js
@@ -7,7 +7,7 @@ module.exports = {
       const window = new JSDOM('').window
       const DOMPurify = createDOMPurify(window)
 
-      const allowedAttrs = ['v-pre', 'v-slot:tabs', 'v-slot:content']
+      const allowedAttrs = ['v-pre', 'v-slot:tabs', 'v-slot:content', 'target']
       const allowedTags = ['tabset', 'template']
 
       if (config.allowIFrames) {