From 726975863b98755dcc08593188470b6025b99c04 Mon Sep 17 00:00:00 2001
From: Jan-Yves Ruzicka
Date: Sat, 8 Feb 2020 17:51:59 +1300
Subject: [PATCH] Use Loofah::HTML5::SafeList where possible
---
config/initializers/sanitizer.rb | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/config/initializers/sanitizer.rb b/config/initializers/sanitizer.rb
index 6d99f4042..46ca6ebd2 100644
--- a/config/initializers/sanitizer.rb
+++ b/config/initializers/sanitizer.rb
@@ -1 +1,10 @@
-Loofah::HTML5::WhiteList::ALLOWED_PROTOCOLS.merge(%w(message onenote))
+# From Loofah 2.3.0, we should use Loofah::HTML5::SafeList over
+# Loofah::HTML5::WhiteList
+safe_list =
+ if Loofah::HTML5.constants.include?(:SafeList)
+ Loofah::HTML5::SafeList
+ else
+ Loofah::HTML5::WhiteList
+ end
+
+safe_list::ALLOWED_PROTOCOLS.merge(%w(message onenote))
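Review bot: The final line, `safe_list::ALLOWED_PROTOCOLS.merge(%w(message onenote))`, widens Loofah's protocol allowlist for the whole process, but the new comment only explains the constant rename and not why these two schemes are trusted. It works only because `merge` mutates the collection in place (true for a Set, which Loofah appears to use here), so every sanitizer call in the app will then keep `message:` and `onenote:` URLs. I would add a comment above that line such as `# Deliberately allow message: and onenote: links; this mutates Loofah's shared set, so it applies to all sanitized content.` As a style point, `Loofah::HTML5.const_defined?(:SafeList)` states the version check more directly than `constants.include?(:SafeList)`.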