From 86955eeadcd268d2c19d3eba132493449f4d97f1 Mon Sep 17 00:00:00 2001
From: Alexander Ebert <ebert@woltlab.com>
Date: Mon, 12 Jan 2015 13:04:46 +0100
Subject: [PATCH] Force stripping of all rel="" attributes

---
 wcfsetup/install/files/js/3rdParty/redactor/plugins/wbbcode.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/wcfsetup/install/files/js/3rdParty/redactor/plugins/wbbcode.js b/wcfsetup/install/files/js/3rdParty/redactor/plugins/wbbcode.js
index 86fb2236f4..8c23c3b95b 100644
--- a/wcfsetup/install/files/js/3rdParty/redactor/plugins/wbbcode.js
+++ b/wcfsetup/install/files/js/3rdParty/redactor/plugins/wbbcode.js
@@ -226,6 +226,9 @@ RedactorPlugins.wbbcode = function() {
 			// remove data-redactor-tag="" attribute
 			html = html.replace(/(<[^>]+?) data-redactor-tag="[^"]+"/g, '$1');
 			
+			// remove rel="" attribute
+			html = html.replace(/(<[^>]+?) rel="[^"]+"/g, '$1');
+			
 			// remove zero-width space sometimes slipping through
 			html = html.replace(/&#(8203|x200b);/g, '');
 			
-- 
2.20.1