search

apostrophecms / sanitize-html

Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
MIT License
3.69k stars 351 forks source link

Properties using single quotes are being replaced with double quotes #538

Closed adilmarjunior closed 2 years ago

adilmarjunior commented 2 years ago

Question or comment

I'm trying to prevent a property that uses single quotes from being replaced with double quotes.

My example: Original content: <join-iframe story-info='{"url":"{MY_URL}"}' ></join-iframe>

Content after sanitize: <join-iframe story-info="{"url":"{MY_URL}"}"></join-iframe>

I would like to keep single quotes instead of double quotes in the story-info property. Like: story-info='{content}' instead story-info="{content}"

I already tried: TextFilter:

textFilter: function(text) {
    return text.replace('\"', '\'');
  }

TransformTags:

return {
    tagName,
    attribs: {
      'story-info':  attribs["story-info"].replace('"{', "'{").replace('}"', "}'")
    }
  }

There's a way to do it? Thanks in advance.

boutell commented 2 years ago

The parser module we depend on doesn't tell us what was used originally, it just gives us the structure, so it wouldn't be practical.

boutell commented 2 years ago

Hmm. Although we can't tell how it was previously quoted, I was hasty in closing this because we could handle some way of giving a hint of how it should be quoted, and then you could make that decision yourself based on attribute names, etc. A PR for that would be a good idea if you are interested in pursuing it.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.