From 3c27ed04f49b7dd980d167a6ccfd2baa44aa686f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C7=B3=C3=83=C3=8E?= <1101766085@qq.com>
Date: Tue, 28 Nov 2023 16:15:28 +0800
Subject: [PATCH] =?UTF-8?q?:sparkles:=20=E5=8D=87=E7=BA=A7=20Jsoup?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mica-xss/src/main/java/net/dreamlu/mica/xss/utils/XssUtil.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mica-xss/src/main/java/net/dreamlu/mica/xss/utils/XssUtil.java b/mica-xss/src/main/java/net/dreamlu/mica/xss/utils/XssUtil.java
index f34af49ec..d98cf01a1 100644
--- a/mica-xss/src/main/java/net/dreamlu/mica/xss/utils/XssUtil.java
+++ b/mica-xss/src/main/java/net/dreamlu/mica/xss/utils/XssUtil.java
@@ -100,7 +100,7 @@ public HtmlSafeList() {
 		}
 
 		@Override
-		protected boolean isSafeAttribute(String tagName, Element el, Attribute attr) {
+		public boolean isSafeAttribute(String tagName, Element el, Attribute attr) {
 			//不允许 javascript 开头的 src 和 href
 			if ("src".equalsIgnoreCase(attr.getKey()) || "href".equalsIgnoreCase(attr.getKey())) {
 				String value = attr.getValue();