From 8c6b1fbcc9c1babbda922f534ae23ba5e477e87e Mon Sep 17 00:00:00 2001
From: blag
Date: Mon, 28 Apr 2014 10:31:57 -0600
Subject: [PATCH] Allow Data URI Schemes

Allow the 'data' pseudo-protocol as established with https://en.wikipedia.org/wiki/Data_URI_scheme#Format.
---
 bleach/sanitizer.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/bleach/sanitizer.py b/bleach/sanitizer.py
index 88246f82..dce327d0 100644
--- a/bleach/sanitizer.py
+++ b/bleach/sanitizer.py
@@ -57,8 +57,9 @@ def sanitize_token(self, token):
 # characters.
 val_unescaped = val_unescaped.replace("\ufffd", "")
 if (re.match(r'^[a-z0-9][-+.a-z0-9]*:', val_unescaped)
- and (val_unescaped.split(':')[0] not in
- self.allowed_protocols)):
+ and (val_unescaped.split(':')[0] not in
+ self.allowed_protocols)
+ and val_unescaped.split(':')[0] != 'data'):
 del attrs[attr]
 for attr in self.svg_attr_val_allows_ref:
 if attr in attrs:
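Review bot: The added clause `and val_unescaped.split(':')[0] != 'data'` exempts every `data:` URI from the `self.allowed_protocols` check, for every attribute this loop handles and for every media type, so the allowlist no longer bounds what a sanitized attribute can carry; `data:` values typed as `text/html` or `image/svg+xml` can contain active content. I would not hardcode the scheme: keep the original condition and let callers who need inline images opt in by adding `'data'` to `allowed_protocols`, or, if it must be on by default, accept it only when the value matches a small media-type allowlist such as `re.match(r'^data:image/(png|gif|jpeg)[;,]', val_unescaped)`. The scheme is also split out twice now; a local `scheme = val_unescaped.split(':')[0]` would keep the two comparisons in step. The body of `sanitize_token` starts and ends outside the hunk, so which attributes reach this check is not visible here.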