Closed SViccari closed 7 years ago
@SViccari Thx! :+1:
@SViccari Follow-up: I just published v1.3.0-rc1
which contains your PR. It also changes the way white-space is handled. It would be great if you could test this pre-release version :+1:
@rrrene Thank you for the merge 💛 I'll test v1.3.0-rc1
this week and provide feedback.
@SViccari Please use v1.3.0-rc2
which some other fixes. Feedback, even a short "Works as expected." is very welcome!
@rrrene Happy Friday! Sorry for the delay but I had time to test v1.3.0-rc2
today. Everything seems 👍 except for one change. I'm seeing the introduction of _
. I'm not sure what that is but it looks like it received test coverage here.
In rc-2:
iex(1)> input = "<script>alert()</script> <p>Hi</p>"
iex(2)> input |> HtmlSanitizeEx.html5
"alert() ソ <p>Hi</p>"
Before rc-2:
iex(1)> input = "<script>alert()</script> <p>Hi</p>"
iex(2)> input |> HtmlSanitizeEx.html5
"alert() <p>Hi</p>"
@SViccari Ahhh, right. I released v1.3.0-rc3
to address this! :+1:
Why: The URI scheme 'mailto' is currently being removed when calling
HtmlSanitizeEx.html5/1
. Example:This PR: Allows the 'mailto' URI scheme to remain intact when using the HTML5 scrubber.