Open humitos opened 2 years ago
Consider bleach for stripping the HTML to exactly the tags and attributes that should be allowed.
@benjaoming I didn't know bleach. I've read a little of the documentation but I'm not sure to follow how you would use it for the purpose of the issue. Can you explain a little more about how you would use bleach for this?
It's not directly related to the issue -- bleach can ensure that we only have expected tags, attributes and CSS classes transferred. Probably belongs in a separate issue.
It may be good to expand
clean_resources
to also rewrite<source src=...>
HTML tags.Eric mentioned this in https://github.com/readthedocs/readthedocs.org/pull/9337#discussion_r899437440
This issue could serve also to do some extra research and try to find out more HTML tags that require HTML rewriting to make the tooltip content render properly.