Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow optional elements to skip sanitisation #203

Merged
merged 2 commits into from
Jan 14, 2021
Merged

Allow optional elements to skip sanitisation #203

merged 2 commits into from
Jan 14, 2021

Conversation

edwardkerry
Copy link
Contributor

This change allows an optional array of relaxed_sanitization_elements to be passed to a new Document, and these will be excluded from HTML sanitization.

There is a use-case where Whitehall is submitting a <details> element which is being stripped by sanitization.

Trello

@edwardkerry edwardkerry force-pushed the allow_optional_elements_to_skip_sanitisation branch from e9bf230 to 5e514e4 Compare January 13, 2021 12:22
@edwardkerry edwardkerry mentioned this pull request Jan 13, 2021
Merged
1pretz1
1pretz1 approved these changes Jan 13, 2021
View reviewed changes
Copy link
Contributor

@1pretz1 1pretz1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🍏

kevindew
kevindew reviewed Jan 13, 2021
View reviewed changes
Copy link
Member

@kevindew kevindew left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome stuff Ed, a few comments that I hopefully get in before you merge.

CHANGELOG.md Outdated Show resolved Hide resolved
lib/govspeak.rb Outdated Show resolved Hide resolved
lib/govspeak/html_sanitizer.rb Outdated Show resolved Hide resolved
test/govspeak_test.rb
test "it can exclude stipulated elements from sanitization" do
document = Govspeak::Document.new("<uncommon-element>some content</uncommon-element>", relaxed_sanitization_elements: %w[uncommon-element])
assert_equal "<uncommon-element>some content</uncommon-element>", document.to_html.strip
end
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice one 👍

@edwardkerry edwardkerry force-pushed the allow_optional_elements_to_skip_sanitisation branch from 5e514e4 to 7b497c0 Compare January 14, 2021 12:03
@edwardkerry
Allow optional relaxed elements to be excluded from sanitization
b61ab11 
This change allows an optional array of `allowed_elements`
to be passed to a new Document, and these will be excluded from
HTML sanitization.
@edwardkerry
Bump version 6.6.0
03e9d88
@edwardkerry edwardkerry force-pushed the allow_optional_elements_to_skip_sanitisation branch from 7b497c0 to 03e9d88 Compare January 14, 2021 12:05
thomasleese
thomasleese approved these changes Jan 14, 2021
View reviewed changes
Copy link
Contributor

@thomasleese thomasleese left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me 👍🏻

@edwardkerry edwardkerry merged commit 496036c into master Jan 14, 2021
@edwardkerry edwardkerry deleted the allow_optional_elements_to_skip_sanitisation branch January 14, 2021 16:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@1pretz1 1pretz1 1pretz1 approved these changes

@thomasleese thomasleese thomasleese approved these changes

@danacotoran danacotoran Awaiting requested review from danacotoran

@kevindew kevindew Awaiting requested review from kevindew

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@edwardkerry @kevindew @thomasleese @1pretz1