FIX: Blacklist `<textarea>`

app/assets/javascripts/defer/html-sanitizer-bundle.js

@@ -987,19 +987,6 @@ html4.ATTRIBS = {
   'select::size': 0,
   'select::tabindex': 0,
   'source::type': 0,
-  'textarea::accesskey': 0,
-  'textarea::autocomplete': 0,
-  'textarea::disabled': 0,
-  'textarea::inputmode': 0,
-  'textarea::name': 8,
-  'textarea::onblur': 2,
-  'textarea::onchange': 2,
-  'textarea::onfocus': 2,
-  'textarea::onselect': 2,
-  'textarea::placeholder': 0,
-  'textarea::readonly': 0,
-  'textarea::tabindex': 0,
-  'textarea::wrap': 0,
   'track::default': 0,
   'track::kind': 0,
   'track::label': 0,
@@ -1136,7 +1123,6 @@ html4.ELEMENTS = {
   'table': 272,
   'tbody': 273,
   'td': 273,
-  'textarea': 8,
   'tfoot': 1,
   'th': 273,
   'thead': 273,
@@ -1259,7 +1245,6 @@ html4.ELEMENT_DOM_INTERFACES = {
   'table': 'HTMLTableElement',
   'tbody': 'HTMLTableSectionElement',
   'td': 'HTMLTableDataCellElement',
-  'textarea': 'HTMLTextAreaElement',
   'tfoot': 'HTMLTableSectionElement',
   'th': 'HTMLTableHeaderCellElement',
   'thead': 'HTMLTableSectionElement',

test/javascripts/lib/markdown_test.js

@@ -349,6 +349,7 @@ test("sanitize", function() {
   cooked("<iframe src=\"https://www.google.com/maps/embed?pb=!1m10!1m8!1m3!1d2624.9983685732213!2d2.29432085!3d48.85824149999999!3m2!1i1024!2i768!4f13.1!5e0!3m2!1sen!2s!4v1385737436368\" width=\"100\" height=\"42\"></iframe>",
          "<iframe src=\"https://www.google.com/maps/embed?pb=!1m10!1m8!1m3!1d2624.9983685732213!2d2.29432085!3d48.85824149999999!3m2!1i1024!2i768!4f13.1!5e0!3m2!1sen!2s!4v1385737436368\" width=\"100\" height=\"42\"></iframe>",
          "it allows iframe to google maps");
+  equal(sanitize("<textarea>hullo</textarea>"), "hullo");
 });
 
 test("URLs in BBCode tags", function() {