search

apostrophecms / sanitize-html

Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
MIT License
3.68k stars 349 forks source link

Single quote is forced into double quote everytime #643

Closed TrofinSorin closed 5 months ago

TrofinSorin commented 5 months ago

PLEASE NOTE: make sure the bug exists in the latest patch level of the project. For instance, if you are running a 2.x version of Apostrophe, you should use the latest in that major version to confirm the bug.

To Reproduce

Step by step instructions to reproduce the behavior:

  1. Have this HTML: <div style='text-align:center'></div>
  2. Transform it with sanitize-html.
  3. You will get this: <div style="text-align:center"></div>. It will transform single quotes to double quotes anytime.

Expected behavior

It should have the type of quote we added initially. Is there a setting to keep both?

Details

Version of Node.js: 18.19.0

Server Operating System: Windows

boutell commented 5 months ago

As I recall this information is not available from htmlparser2, at least with safe options, therefore there are no plans to support this.

It would be neat to have an option to use the most compact representation each time — e.g. if the string contains more double quotes than single, use single so you don't have to escape double, and vice versa.

Closing for now, but if you find a way to get this information from htmlparser2 with our current options to it, a PR is welcome.