AllowElements without attributes about bluemonday HOT 5 CLOSED

And to the point @shurcooL made about HTML5, just for future reference it's true that we use a HTML5 library, but we're really only using it as a tokenizer.

As you clearly spotted we have our own internal logic as to which elements to permit without attributes. I sourced that list from HTML5 references, explicitly avoiding adding anything that W3C marked as deprecated or obsolete, hence the omission of big.

Thanks for enabling others to permit other tags. Sample code for those who stumble upon this issue:

    p := bluemonday.NewPolicy()
    p.AllowElements("font")

    // At this point "<font>hello</font>" would p.Sanitize() to "hello".

    p.AllowNoAttrs().OnElements("font")

    // At this point "<font>hello</font>" would p.Sanitize() to "<font>hello</font>".

from bluemonday.

You need to escape HTML symbols in your Markdown post. It is unreadable right now.

It is not said that bluemonday is only html5-sanitizer

This is worth clarifying first. bluemonday uses golang.org/x/net/html package which is an HTML5-compliant parser.

from bluemonday.

You need to escape HTML symbols in your Markdown post. It is unreadable right now.

Fixed.

This is worth clarifying first. bluemonday uses golang.org/x/net/html package which is an HTML5 parser.

Golang parser can parse most html4 documents, why not to allow users to customize policies with old tags? Internet is full of non-html5 documents, it will be good if bluemonday could be able to work with them.

from bluemonday.

Hello, what's about this issue?

from bluemonday.

Auto-closed by Github. But I wanted to say thanks for the code. I would've merged sooner but I was cycling up some mountains and had left my laptop at home. Github lacks an out-of-office status unfortunately.

from bluemonday.