From fa4ced05922dfc20b999fdaac6f4ed295960eccf Mon Sep 17 00:00:00 2001
From: "G.Ambatte" <sean@robertson-family.nz>
Date: Mon, 1 Jul 2024 09:30:50 +1200
Subject: [PATCH] Explicitly forbid script tags

---
 client/homebrew/brewRenderer/brewRenderer.jsx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/client/homebrew/brewRenderer/brewRenderer.jsx b/client/homebrew/brewRenderer/brewRenderer.jsx
index 23a683ecb..760b44035 100644
--- a/client/homebrew/brewRenderer/brewRenderer.jsx
+++ b/client/homebrew/brewRenderer/brewRenderer.jsx
@@ -18,7 +18,8 @@ const { printCurrentBrew } = require('../../../shared/helpers.js');
 import DOMPurify from 'dompurify';
 
 const purifyConfig = {
-	ADD_ATTR : ['id', 'target']
+	ADD_ATTR    : ['id', 'target'],
+	FORBID_TAGS : ['script']
 };
 
 const Themes = require('themes/themes.json');