Allowed pattern is scrubbed #62

Awlexus · 2023-05-09T10:44:14Z

I need a similar scrubber as the ones seen in the documentation, but when I try to create and scrub some text it also scrubs the pattern I allowed.

# custom scrubber
defmodule LinksOnlyScrubber do
  require HtmlSanitizeEx.Scrubber.Meta
  alias HtmlSanitizeEx.Scrubber.Meta

  Meta.remove_cdata_sections_before_scrub()
  Meta.strip_comments()

  Meta.allow_tag_with_uri_attributes("a", ["href"], ["https", "mailto", "http"])

  Meta.strip_everything_not_covered()
end

Actual result

The tag has been removed

iex> HtmlSanitizeEx.Scrubber.scrub "This is a <a href=\"https://www.youtube.com/\">test</a>", LinksOnlyScrubber
"This is a test"

Expected result

The text should be left untouched

Versions

html_sanitize_ex 1.4.2
mochiweb 2.22.0

jaimeiniesta · 2024-10-29T12:20:18Z

Hi, I've verified that allow_tag_with_uri_attributes is not working as expected.

Here's a test to reproduce the issue:

jaimeiniesta@6ddd1bf

Failing on my machine with:

Erlang/OTP 24 [erts-12.2] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1]
Elixir 1.13.4 (compiled with Erlang/OTP 24)

jaimeiniesta added a commit to jaimeiniesta/html_sanitize_ex that referenced this issue Oct 29, 2024

adds failing test for issue rrrene#62

6ddd1bf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allowed pattern is scrubbed #62

Allowed pattern is scrubbed #62

Awlexus commented May 9, 2023

jaimeiniesta commented Oct 29, 2024 •

edited

Loading

Allowed pattern is scrubbed #62

Allowed pattern is scrubbed #62

Comments

Awlexus commented May 9, 2023

Actual result

Expected result

Versions

jaimeiniesta commented Oct 29, 2024 • edited Loading

jaimeiniesta commented Oct 29, 2024 •

edited

Loading