Closed wghilliard closed 2 months ago
The UriAttributes
property needs to include the href
attribute. Perhaps it's best to use the default constructor to initialize with the default options and then add/remove entries from AllowedSchemes
etc.
Okay I see, I didn't realize there was a new option, UriAttributes
, added. After setting it to the default value my test cases pass.
Thank you for the clarification!
Hey, firstly thank you for all of the effort you put in to maintaining this library.
I think I've discovered a regression but wanted to post here to see if perhaps I'm just misunderstanding something.
In HtmlSanitizer version
7.1.488
, the following HTML would be considered unsafe:Using something like the following:
However, in version
8.1.860-beta
, aAllowedSchemes
violation doesn't seem to trigger a corresponding EventHandler?This produces the following "safe" html:
What are your thoughts? Am I missing something?