The tag of <a> no attribute ?

[wangsrGit119]

Describe the bug when I use thi component，I wang to use in text ，but the result without any attribut To Reproduce Steps to reproduce the behavior:

1. var text = <a href="http://www.google.com" target="_blank">http://www.google.com</a> xxxx hhhhhh

2. <div v-safe-html="text"></div>

3. <a>http://www.google.com</a>xxxx hhhhhh

Expected behavior

<a href="http://www.google.com" target="_blank">http://www.google.com</a> xxxx hhhhhh

I suspect this package removes all attributes from any tag

I haven't thoroughly tested this, but what I have seen is that the class attribute is being stripped from my div tag when it is generated

something like

<div class="container">hello world</div>

renders

<div>hello world</div>

---

EDIT: Yup looks like all attributes are stripped, see: https://github.com/ecosia/vue-safe-html/blob/24660d223dbdced8e6e63dc177e6c93bf1769c58/src/utils.js#L15

[Kamsou]

Hello guys, i have the same problem. Did you find another way to do it?

• With vue-dompurify-html its okay

[mreduar]

Hello guys, i have the same problem. Did you find another way to do it?

• With vue-dompurify-html its okay

@Kamsou Thank you for the suggestion!

[walkerz88]

Hi! You can use allowedAttributes property, like: allowedAttributes: ['title', 'class', 'href'] it is mentioned in manual

[craigiswayne]

I rate we can close this now due to changes in the codebase

as @walkerz88 pointed out, you can now do the following:

Vue.use(VueSafeHTML, {
  allowedTags: ['a'],
  allowedAttributes: ['href', 'target'],
});

var text = <a href="http://www.google.com" target="_blank">http://www.google.com</a> xxxx hhhhhh

Note: specifiying just allowedTags is not enough, you'll need to also specifiy allowedAttributes

---

See this commit for changes https://github.com/ecosia/vue-safe-html/commit/4b957f5049f79cfe346eb5690e9ef5374796122d (2 weeks ago)