Hi there, I was leveraging a few DTOs with the framework but noticed a common issue in that not all HTML was being cleaned up by the sanitizer's built-in methods.
I do see that the sanitizer does allow us to set allowed attributes, but this is something that needs to be done on a per-DTO basis. Is there a way to assign this globally?
By design, we are setting this up intentionally to avoid security issues with XSS injection. At the moment Signals only supports exclusions on a per-DTO basis.