From 9ffcbfca9812b20b08593a8b0a247be9f6487b9c Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Wed, 9 Jul 2014 22:13:27 +1000
Subject: [PATCH] FIX: disable whitelist temporarily more complete fix to
 follow

---
 app/assets/javascripts/discourse/lib/markdown.js | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/discourse/lib/markdown.js b/app/assets/javascripts/discourse/lib/markdown.js
index 9457050a022..cfc40267c8c 100644
--- a/app/assets/javascripts/discourse/lib/markdown.js
+++ b/app/assets/javascripts/discourse/lib/markdown.js
@@ -237,7 +237,15 @@ Discourse.Markdown.whiteListTag('a', 'data-bbcode');
 
 Discourse.Markdown.whiteListTag('div', 'class', 'title');
 Discourse.Markdown.whiteListTag('div', 'class', 'quote-controls');
-Discourse.Markdown.whiteListTag('code', 'class', '*');
+
+// FIXME: explicitly whitelist classes we need allowed through for
+//  syntax highlighting, grab from highlight.js
+Discourse.Markdown.whiteListTag('code', 'class', 'text');
+Discourse.Markdown.whiteListTag('code', 'class', 'ruby');
+Discourse.Markdown.whiteListTag('code', 'class', 'json');
+Discourse.Markdown.whiteListTag('code', 'class', 'lang-auto');
+// Discourse.Markdown.whiteListTag('code', 'class', '*');
+
 Discourse.Markdown.whiteListTag('span', 'class', 'mention');
 Discourse.Markdown.whiteListTag('span', 'class', 'spoiler');
 Discourse.Markdown.whiteListTag('div', 'class', 'spoiler');