Open powerman opened 6 years ago
It looks like this was already fixed in #3. Here are some examples, but my point is, all regexps should be reviewed and anchored unless there is a really good reason to not do this:
func (p *Policy) AllowStandardAttributes() { p.AllowAttrs( "lang", ).Matching(regexp.MustCompile(`[a-zA-Z]{2,20}`)).Globally() p.AllowAttrs("id").Matching( regexp.MustCompile(`[a-zA-Z0-9\:\-_\.]+`), ).Globally() func (p *Policy) AllowTables() { p.AllowAttrs( "scope", ).Matching( regexp.MustCompile(`(?i)(?:row|col)(?:group)?`), ).OnElements("td", "th") p.AllowAttrs("nowrap").Matching( regexp.MustCompile(`(?i)|nowrap`), ).OnElements("td", "th")
Also it's probably good idea to fix examples in README in same way.
It looks like this was already fixed in #3. Here are some examples, but my point is, all regexps should be reviewed and anchored unless there is a really good reason to not do this:
Also it's probably good idea to fix examples in README in same way.