Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
Enabled by default, and can be disabled by passing in nonBooleanAttributes: []
Can handle all empty attributes via nonBooleanAttributes: ['*']
Closes #123
What are the specific steps to test this change?
Test with empty attributes such as:
<input checked type="checkbox" />
Will not remove anything.
<input checked form type="checkbox" />
Will transform into the first example.
What kind of change does this PR introduce?
[ ] Bug fix
[x] New feature
[ ] Refactor
[ ] Documentation
[ ] Build-related changes
[ ] Other
Make sure the PR fulfills these requirements:
[x] It includes a) the existing issue ID being resolved, b) a convincing reason for adding this feature, or c) a clear description of the bug it resolves
[x] The changelog is updated
[x] Related documentation has been updated
[x] Related tests have been updated
If adding a new feature without an already open issue, it's best to open a feature request issue first and wait for approval before working on it.
Summary
This causes sanitize-html to remove empty attributes that are known to be non-boolean. It provides an exhaustive list of all known attributes taken from: https://html.spec.whatwg.org/multipage/indices.html#attributes-3
options.nonBooleanAttributes
nonBooleanAttributes: []
nonBooleanAttributes: ['*']
Closes #123
What are the specific steps to test this change?
Test with empty attributes such as:
Will not remove anything.
Will transform into the first example.
What kind of change does this PR introduce?
Make sure the PR fulfills these requirements:
If adding a new feature without an already open issue, it's best to open a feature request issue first and wait for approval before working on it.