From 974fbf37611246608fafcb87ba897d7daf248a41 Mon Sep 17 00:00:00 2001
From: Brook Elgie <specialbrew@gmail.com>
Date: Fri, 21 Apr 2017 12:31:13 +0100
Subject: [PATCH] [#1041] Add class attribute to xss white list

This allows table classes to survive import.
---
 census/loaders/utils.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/census/loaders/utils.js b/census/loaders/utils.js
index df0c640e..cbb42a6d 100644
--- a/census/loaders/utils.js
+++ b/census/loaders/utils.js
@@ -9,6 +9,10 @@ var csv = require('csv');
 var _mapParsedCsvData = function(parsedData) {
   var result = [];
   var keys = [];
+  var whiteList = _.assign(xss.whiteList, {table: ['class']})
+  var xssOptions = {
+    whiteList: whiteList
+  };
   for (var i = 0; i < parsedData.length; i++) {
     if (i === 0) {
       for (var j = 0; j < parsedData[i].length; j++) {
@@ -18,7 +22,7 @@ var _mapParsedCsvData = function(parsedData) {
     } else {
       var object = {};
       for (var n = 0; n < keys.length; n++) {
-        object[keys[n]] = xss(_.trim(parsedData[i][n]));
+        object[keys[n]] = xss(_.trim(parsedData[i][n]), xssOptions);
       }
       result.push(object);
     }