diff --git a/BTCPayServer.Abstractions/BTCPayServer.Abstractions.csproj b/BTCPayServer.Abstractions/BTCPayServer.Abstractions.csproj
index 8dc6bc85c..54a248353 100644
--- a/BTCPayServer.Abstractions/BTCPayServer.Abstractions.csproj
+++ b/BTCPayServer.Abstractions/BTCPayServer.Abstractions.csproj
@@ -31,7 +31,7 @@
-
+
diff --git a/BTCPayServer/Hosting/BTCPayServerServices.cs b/BTCPayServer/Hosting/BTCPayServerServices.cs
index 8a7cee98b..8d5d77a6c 100644
--- a/BTCPayServer/Hosting/BTCPayServerServices.cs
+++ b/BTCPayServer/Hosting/BTCPayServerServices.cs
@@ -317,10 +317,8 @@ namespace BTCPayServer.Hosting
services.TryAddTransient();
services.TryAddSingleton(o =>
{
-
var htmlSanitizer = new Ganss.Xss.HtmlSanitizer();
-
htmlSanitizer.RemovingAtRule += (sender, args) =>
{
};
@@ -353,6 +351,7 @@ namespace BTCPayServer.Hosting
htmlSanitizer.AllowedTags.Remove("img");
htmlSanitizer.AllowedAttributes.Add("webkitallowfullscreen");
htmlSanitizer.AllowedAttributes.Add("allowfullscreen");
+ htmlSanitizer.AllowedSchemes.Add("mailto");
return htmlSanitizer;
});
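Review bot: The added `htmlSanitizer.AllowedSchemes.Add("mailto");` carries no comment saying why the scheme is needed. The sanitizer is built inside a `TryAddSingleton` factory, so the wider allow-list reaches every consumer of that instance rather than only the feature that wants e-mail links. In Ganss.Xss the scheme list is, as far as I know, checked against all URI-bearing attributes and not just `href` on anchors, which is worth stating next to the line. I would put `// Allow mailto: links in sanitized HTML; keep AllowedSchemes minimal, it applies to every consumer of this singleton.` directly above it. A regression test asserting that a `mailto:` href survives while a `javascript:` href is still stripped would pin the intent. The factory lambda begins outside this hunk, so the rest of the configuration is not visible here.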
diff --git a/BTCPayServer/Plugins/Crowdfund/CrowdfundPlugin.cs b/BTCPayServer/Plugins/Crowdfund/CrowdfundPlugin.cs
index ec5f3afdd..ee409baa3 100644
--- a/BTCPayServer/Plugins/Crowdfund/CrowdfundPlugin.cs
+++ b/BTCPayServer/Plugins/Crowdfund/CrowdfundPlugin.cs
@@ -44,7 +44,6 @@ namespace BTCPayServer.Plugins.Crowdfund
private readonly IOptions _options;
private readonly DisplayFormatter _displayFormatter;
private readonly CurrencyNameTable _currencyNameTable;
- private readonly HtmlSanitizer _htmlSanitizer;
private readonly InvoiceRepository _invoiceRepository;
public const string AppType = "Crowdfund";
@@ -53,15 +52,13 @@ namespace BTCPayServer.Plugins.Crowdfund
IOptions options,
InvoiceRepository invoiceRepository,
DisplayFormatter displayFormatter,
- CurrencyNameTable currencyNameTable,
- HtmlSanitizer htmlSanitizer)
+ CurrencyNameTable currencyNameTable)
{
Description = Type = AppType;
_linkGenerator = linkGenerator;
_options = options;
_displayFormatter = displayFormatter;
_currencyNameTable = currencyNameTable;
- _htmlSanitizer = htmlSanitizer;
_invoiceRepository = invoiceRepository;
}
diff --git a/BTCPayServer/Plugins/PointOfSale/PointOfSalePlugin.cs b/BTCPayServer/Plugins/PointOfSale/PointOfSalePlugin.cs
index 83c484371..dc8ff4298 100644
--- a/BTCPayServer/Plugins/PointOfSale/PointOfSalePlugin.cs
+++ b/BTCPayServer/Plugins/PointOfSale/PointOfSalePlugin.cs
@@ -56,8 +56,7 @@ namespace BTCPayServer.Plugins.PointOfSale
public PointOfSaleAppType(
LinkGenerator linkGenerator,
IOptions btcPayServerOptions,
- DisplayFormatter displayFormatter,
- HtmlSanitizer htmlSanitizer)
+ DisplayFormatter displayFormatter)
{
Type = AppType;
Description = "Point of Sale";
diff --git a/BTCPayServer/Services/Apps/AppService.cs b/BTCPayServer/Services/Apps/AppService.cs
index 6b0422701..ab11350b7 100644
--- a/BTCPayServer/Services/Apps/AppService.cs
+++ b/BTCPayServer/Services/Apps/AppService.cs
@@ -45,7 +45,6 @@ namespace BTCPayServer.Services.Apps
readonly CurrencyNameTable _Currencies;
private readonly DisplayFormatter _displayFormatter;
private readonly StoreRepository _storeRepository;
- private readonly HtmlSanitizer _HtmlSanitizer;
public CurrencyNameTable Currencies => _Currencies;
public AppService(
@@ -54,15 +53,13 @@ namespace BTCPayServer.Services.Apps
InvoiceRepository invoiceRepository,
CurrencyNameTable currencies,
DisplayFormatter displayFormatter,
- StoreRepository storeRepository,
- HtmlSanitizer htmlSanitizer)
+ StoreRepository storeRepository)
{
_appTypes = apps.ToDictionary(a => a.Type, a => a);
_ContextFactory = contextFactory;
_InvoiceRepository = invoiceRepository;
_Currencies = currencies;
_storeRepository = storeRepository;
- _HtmlSanitizer = htmlSanitizer;
_displayFormatter = displayFormatter;
}
#nullable enable