Updated Sanitizer for HTML5
Sanitizer should recognize HTML5 elements and attributes. New Allowed Elements: article aside audio canvas command details dialog figcaption figure footer header hgroup mark meter nav progress rp rt ruby section source summary time video wbr (OK, audio and video were already there). New Allowed Attributes: autocomplete contenteditable contextmenu draggable formaction icon low max min open optimum pattern placeholder preload pubdate required reversed spellcheck step wrap. Attributes removed: abbr charset loopcount loopend loopstart noshade nowrap rev rules. Maruku supports @start and @reversed on ordered lists. It doesn't seem to support IALs on li elements, so you still can't attach @value to an li.
parent
d9d353a350
commit
2781890832
9 changed files with 175 additions and 137 deletions
|
@ -10,12 +10,14 @@ module Sanitizer
|
|||
require 'stringsupport'
|
||||
require 'set'
|
||||
|
||||
acceptable_elements = Set.new %w[a abbr acronym address area audio b big blockquote br
|
||||
button caption center cite code col colgroup dd del dfn dir div dl dt
|
||||
em fieldset font form h1 h2 h3 h4 h5 h6 hr i img input ins kbd label
|
||||
legend li map menu ol optgroup option p pre q s samp select small span
|
||||
strike strong sub sup table tbody td textarea tfoot th thead tr tt u
|
||||
ul var video]
|
||||
acceptable_elements = Set.new %w[a abbr acronym address area article aside
|
||||
audio b big blockquote br button canvas caption center cite code
|
||||
col colgroup command dd del details dfn dialog dir div dl dt
|
||||
em fieldset figcaption figure font footer form h1 h2 h3 h4 h5 h6 header
|
||||
hgroup hr i img input ins kbd label legend li map mark menu meter nav
|
||||
ol optgroup option p pre progress q rp rt ruby s samp section select small
|
||||
source span strike strong sub summary sup table tbody td textarea tfoot
|
||||
th thead time tr tt u ul var video wbr]
|
||||
|
||||
mathml_elements = Set.new %w[annotation annotation-xml maction math merror mfrac
|
||||
mfenced mi mmultiscripts mn mo mover mpadded mphantom mprescripts mroot
|
||||
|
@ -28,15 +30,15 @@ module Sanitizer
|
|||
line marker mask metadata missing-glyph mpath path pattern polygon
|
||||
polyline radialGradient rect set stop svg switch text textPath title tspan use]
|
||||
|
||||
acceptable_attributes = Set.new %w[abbr accept accept-charset accesskey action
|
||||
align alt axis border cellpadding cellspacing char charoff charset
|
||||
checked cite class clear cols colspan color compact controls coords datetime
|
||||
dir disabled enctype for frame headers height href hreflang hspace id
|
||||
ismap label lang longdesc loop loopcount loopend loopstart
|
||||
maxlength media method multiple name nohref
|
||||
noshade nowrap poster prompt readonly rel rev rows rowspan rules scope
|
||||
selected shape size span src start style summary tabindex target title
|
||||
type usemap valign value vspace width xml:lang]
|
||||
acceptable_attributes = Set.new %w[accept accept-charset accesskey action
|
||||
align alt autocomplete axis border cellpadding cellspacing char charoff
|
||||
checked cite class clear cols colspan color compact contenteditable contextmenu
|
||||
controls coords datetime dir disabled draggable enctype for formaction frame
|
||||
headers height href hreflang hspace icon id ismap label lang longdesc loop low
|
||||
max maxlength media method min multiple name nohref open optimum pattern placeholder
|
||||
poster preload pubdate readonly rel required reversed rows rowspan spellcheck scope
|
||||
selected shape size span src start step style summary tabindex target title
|
||||
type usemap valign value vspace width wrap xml:lang]
|
||||
|
||||
mathml_attributes = Set.new %w[actiontype align close
|
||||
columnalign columnlines columnspacing columnspan depth display
|
||||
|
@ -73,7 +75,7 @@ module Sanitizer
|
|||
xlink:arcrole xlink:href xlink:role xlink:show xlink:title xlink:type
|
||||
xml:base xml:lang xml:space xmlns xmlns:xlink xmlns:se y y1 y2 zoomAndPan]
|
||||
|
||||
attr_val_is_uri = Set.new %w[href src cite action longdesc xlink:href xml:base]
|
||||
attr_val_is_uri = Set.new %w[href src cite action formaction longdesc xlink:href xml:base]
|
||||
|
||||
svg_attr_val_allows_ref = Set.new %w[clip-path color-profile cursor fill
|
||||
filter marker marker-start marker-mid marker-end mask stroke]
|
||||
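Review bot: `icon` is added to `acceptable_attributes` and `poster` stays there, but neither is in the new `attr_val_is_uri` line, which only gains `formaction`. Both attributes hold URLs (the command element's icon image and the video poster frame). If this set is what selects attribute values for URI scheme checking (the code that consumes it is outside the visible hunks), their values would be emitted without that check. I would extend the line to `attr_val_is_uri = Set.new %w[href src cite action formaction icon longdesc poster xlink:href xml:base]`. A one-line comment above the set, saying that every URL-valued name in `acceptable_attributes` must also be listed here, would help keep the two lists in step when the allow-list grows again.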
|
|