Closed mKadiyan closed 2 years ago
You can already override the default options by passing your config as sanitizeOptions
.
Edit: for example { USE_PROFILES: { html: true, mathMl: true } }
Ok.. got it thanks..... One request, Can we somehow avoid introducing breaking changes... it took lot of time to identify these
Yes, definitely, sorry about that. We have missed it that time. I'm closing this, feel free to reopen if necessary.
Scenerio : The math string that we pass to component not necessarily contains the TEX or math ascii etc, it may contains simple HTML too. e.g.
const math = "<p>N<sub>2</sub>O<sub>3</sub></p>";
Expectation is , component should convert the math expression and leave rest as it is. but the default sanitization setting that are added 2.2.0 onwards remove the html tag.
e.g. const defaultSanitizeOptions = { USE_PROFILES: {mathMl: true}, ADD_ATTR: ['columnalign'], }
DOMPurify.sanitize(math, {...defaultSanitizeOptions});
Convert above expression to N2O3 and we loss html tag and hence parsing..
please remove the default sanitisation..