Open emersion opened 4 years ago
Yes.
So long as there were a policy construction interface along the lines of the HTML sanitization policy builder, I'd definitely accept a PR that did this.
We already sanitize style
attributes. The same should be applied to declarations in <style>
elements.
What you're talking about is already done: https://github.com/microcosm-cc/bluemonday/blob/0a75d7616912ab9beb9cc6f7283ec1917c61b135/sanitize.go#L670
Any Update on this?
douceur already supports parsing full CSS stylesheets. Would you accept a patch sanitizing
<style>
elements content in addition tostyle
attributes?