Skip to content
Browse files

.htc stylesheets are not allowed

  • Loading branch information...
1 parent 24c3d25 commit 95765e1f775a159a3ac6d320937aa3d672aa6503 Visnu Pitiyanuvath committed Aug 31, 2011
Showing with 1 addition and 1 deletion.
  1. +1 −1 controllers/iframe.coffee
View
2 controllers/iframe.coffee
@@ -3,7 +3,7 @@ Vote = app.db.model 'Vote'
m = require './middleware'
app.get '/iframe/:teamId', [m.loadTeam, m.loadMyVote], (req, res) ->
- css = req.query.css if /^https?:\/\//.test(req.query.css)
+ css = req.query.css if /^https?:\/\//.test(req.query.css) and not /\.htc$/.test(req.query.css)
req.vote = null unless req.user?.voter
Vote.count teamId: req.team._id, type: 'voter', (err, count) ->
next err if err

0 comments on commit 95765e1

Please sign in to comment.
Something went wrong with that request. Please try again.