From f7e23802812e2014a0b06cf14a528cc45ddc6e6d Mon Sep 17 00:00:00 2001
From: Vitaliy Volynskiy <i@vitalya.me>
Date: Sat, 13 Jul 2024 13:35:08 +0500
Subject: [PATCH] Preserve target=_blank attribute when purifying (fix #793)

---
 scripts/helpers.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/helpers.js b/scripts/helpers.js
index 0be55c6b..3b5ed132 100644
--- a/scripts/helpers.js
+++ b/scripts/helpers.js
@@ -384,7 +384,8 @@ function escapeHTML(unsafe) {
     if(typeof unsafe === 'undefined' || unsafe === null) {
         return '';
     }
-    return DOMPurify.sanitize(String(unsafe));
+
+    return DOMPurify.sanitize(String(unsafe), { ADD_ATTR: ['target'] });
 }
 
 function html(strings, ...values) {