From 50052fb78a3a9d1bb3fa488e7fd7b23125c38124 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Fri, 30 Nov 2018 15:02:01 +0300
Subject: [PATCH] strip_harmful_tags: remove data- attributes

---
 include/functions.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/functions.php b/include/functions.php
index 1dd9a7a1..9125df3b 100755
--- a/include/functions.php
+++ b/include/functions.php
@@ -1761,6 +1761,10 @@
 						array_push($attrs_to_remove, $attr);
 					}
 
+					if (strpos($attr->nodeName, "data-") === 0) {
+						array_push($attrs_to_remove, $attr);
+					}
+
 					if ($attr->nodeName == 'href' && stripos($attr->value, 'javascript:') === 0) {
 						array_push($attrs_to_remove, $attr);
 					}
-- 
2.39.2