From 9f4d2c7ffb9fad3a47f7f67a63fc1e134ed592bc Mon Sep 17 00:00:00 2001
From: Xaekai <ribbon13@gmail.com>
Date: Thu, 7 Jul 2016 04:52:03 -0700
Subject: [PATCH] Add some various harmless tags to the XSS whitelist

sub, sup: Closes #579
cite, small: Bootstrap uses these for blockquotes
template: Will allow for cleaner channel scripts. Since it's contents are inert it will also allow channel admins to have "comments" in their banner.
---
 package.json | 2 +-
 src/xss.js   | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 838072bd..3f39dbaa 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
   "author": "Calvin Montgomery",
   "name": "CyTube",
   "description": "Online media synchronizer and chat",
-  "version": "3.17.5",
+  "version": "3.18.1",
   "repository": {
     "url": "http://github.com/calzoneman/sync"
   },
diff --git a/src/xss.js b/src/xss.js
index 5c3fe3c8..a6385f2b 100644
--- a/src/xss.js
+++ b/src/xss.js
@@ -5,6 +5,7 @@ var sanitizeHTML = require("sanitize-html");
 const ALLOWED_TAGS = [
     "button",
     "center",
+    "cite"
     "details",
     "font",
     "h1",
@@ -13,8 +14,12 @@ const ALLOWED_TAGS = [
     "marquee", // It pains me to do this, but a lot of people use it...
     "s",
     "section",
+    "small",
     "span",
-    "summary"
+    "sub",
+    "summary",
+    "sup",
+    "template"
 ];
 
 const ALLOWED_ATTRIBUTES = [