From 00333744819b63721756beb4d77a41cea80b89b8 Mon Sep 17 00:00:00 2001
From: Tim <135014430+nagisa77@users.noreply.github.com>
Date: Thu, 2 Oct 2025 21:42:52 +0800
Subject: [PATCH] Allow iframe embeds in markdown sanitizer

---
 frontend_nuxt/utils/markdown.js | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/frontend_nuxt/utils/markdown.js b/frontend_nuxt/utils/markdown.js
index 51bb327d1..42d46c0c4 100644
--- a/frontend_nuxt/utils/markdown.js
+++ b/frontend_nuxt/utils/markdown.js
@@ -157,6 +157,7 @@ const SANITIZE_CFG = {
     'th',
     'video',
     'source',
+    'iframe',
   ],
   // 允许的属性
   allowedAttributes: {
@@ -180,6 +181,16 @@ const SANITIZE_CFG = {
       'crossorigin',
     ],
     source: ['src', 'type'],
+    iframe: [
+      'src',
+      'title',
+      'width',
+      'height',
+      'allow',
+      'allowfullscreen',
+      'frameborder',
+      'referrerpolicy',
+    ],
   },
   // 允许的类名（保留你的样式钩子）
   allowedClasses: {