natemoo-re / ultrahtml

Sanitize doesn't block or drop children of blocked node #62

Open oliverlynch opened 1 year ago

oliverlynch commented 1 year ago

Hello! Sanitize doesn't behave how I would expect when dealing with child elements of blocked nodes. The root node is blocked but the children are not removed even if they match a blocked or dropped element.

Blocked Elements

{ blockElements: ["body", "h1"] }
<body><h1>Hello World!</h1><p>Testing</p></body>

Expected result: <p>Testing</p>

Received result: <h1>Hello world!</h1><p>Testing</p>

Dropped Elements

{ blockElements: ["body"] } (Script dropped automatically)
<body><script>console.log("pwnd")</script><p>Testing</p></body>

Expected result: <p>Testing</p>

Received result: <script>console.log("pwnd")</script><p>Testing</p>

Here are the test cases I used to confirm this behavior: sanitize.test.ts

it("children of blocked elements can be blocked", async () => {
    const input = `<body><h1>Hello world!</h1></body>`;
    const output = await transform(input, [
      sanitize({ blockElements: ["body", "h1"] }),
    ]);
    expect(output).toEqual("");
});
it("children of blocked elements can be dropped", async () => {
    const input = `<body><script>console.log("pwnd")</script></body>`;
    const output = await transform(input, [
      sanitize({ blockElements: ["body"] }),
    ]);
    expect(output).toEqual("");
});
it("children of blocked elements can drop attributes", async () => {
    const input = `<body><h1 no="way">Hello world!</h1></body>`;
    const output = await transform(input, [
      sanitize({ blockElements: ["body"], dropAttributes: { no: ["h1"] } }),
    ]);
    expect(output).toEqual("<h1>Hello world!</h1>");
});

The final of the three tests passes correctly, but it may be a useful test case.
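
A simplified model of the behavior reported above, as an added example that is not part of the original issue and not ultrahtml's code: a toy tree sanitizer in which "block" unwraps an element and "drop" removes it with its subtree, run with and without sanitizing the hoisted children. The node shape, the function names (`el`, `render`, `sanitizeNodes`, `run`) and the `recurse` switch are assumptions for illustration, and the nested input is constructed.

```javascript
// Added illustration, not ultrahtml's implementation. The node shape, the
// function names and the `recurse` switch are assumptions for this example.
const el = (name, ...children) => ({ name, children });

// Serialize a list of nodes back to HTML (plain strings are text nodes).
const render = (nodes) =>
  nodes
    .map((n) =>
      typeof n === "string" ? n : `<${n.name}>${render(n.children)}</${n.name}>`
    )
    .join("");

// block: remove the element but keep its children (unwrap).
// drop:  remove the element together with its whole subtree.
function sanitizeNodes(nodes, opts, recurse) {
  return nodes.flatMap((n) => {
    if (typeof n === "string") return [n];
    if (opts.drop.includes(n.name)) return [];
    if (opts.block.includes(n.name)) {
      // Unwrapping hoists the children into the parent. Hoisting them
      // without sanitizing them first lets dropped or blocked descendants
      // through; sanitizing them first closes that gap.
      return recurse ? sanitizeNodes(n.children, opts, true) : n.children;
    }
    return [el(n.name, ...sanitizeNodes(n.children, opts, recurse))];
  });
}

// Case from the issue: <body> is blocked, <script> is dropped by default.
const issueCase = [
  el("body", el("script", 'console.log("pwnd")'), el("p", "Testing")),
];
// Constructed case: two blocked wrappers around the dropped element.
const nestedCase = [
  el("body", el("div", el("script", "x"), el("p", "ok"))),
];

function run(tree, block, recurse) {
  return render(sanitizeNodes(tree, { block, drop: ["script"] }, recurse));
}

console.log("no recursion:", run(issueCase, ["body"], false));
console.log("recursion:   ", run(issueCase, ["body"], true));
console.log("nested fixed:", run(nestedCase, ["body", "div"], true));
```

Without recursion the model reproduces the "Received result" from the Dropped Elements case; with recursion it produces the "Expected result".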