fjdu
commented
1 year ago Now I use the sanitizeHTMLToDom function provided by Obsidian. At present the plugin only fetch the feed, not the article content. I wish people more proficient than me in HTML/JavaScript/CSS would make a plugin functionally similar to what I have written.
It wasn't clear what the issue with the built in sanitizer. I haven't used the plugin yet (I like to wait for them to be officially in the app list), but does it fetch jst the feed or the article content. Thought sanitizer that is built in would do the job and it can be customized. You have to remove things like script tags and inline javascript or script as part of a tag, right?
here is an example, in php, of a sanitizer that is used by tt-rss, a server based rss aggregator in php. you can look at how it is done here. This one has been aroiund for a long time and has a tech savvy community and no one complains about the sanitization.
https://git.tt-rss.org/fox/tt-rss.git/tree/classes/sanitizer.php
You can also add an attribute to a site about whether to disable sanitization (default should be to sanitize) and for users who are will to take the risk or comfortable with a site skip the sanitization. This that having a per feed option and global default is a better solution than not sanitizing at all.