Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exclude Details elements from HTML sanitization for inline attachments #5945

Merged
merged 2 commits into from
Jan 15, 2021
Merged

Exclude Details elements from HTML sanitization for inline attachments #5945

merged 2 commits into from
Jan 15, 2021

Conversation

edwardkerry
Copy link
Contributor

@edwardkerry edwardkerry commented Jan 13, 2021
edited
Loading

Inline attachments are wrapped in a <details> HTML element which is
being sanitized and removed by Govspeak. This is preventing a JS module
from attaching and results in the accessible format request block
always being expanded.

This change allows editions with inline attachments to request
that Govspeak excludes the details element from sanitization
by submitting it as a member of the optional
allowed_elements array.

This was introduced to Govspeak in release 6.6.0

trello

@edwardkerry edwardkerry force-pushed the detailed-guide-acc-req-show-hide branch 4 times, most recently from 6b85de3 to 784c9d2 Compare January 14, 2021 16:41
@edwardkerry edwardkerry changed the title [DO NOT MERGE]Exclude Details elements from HTML sanitization for inline attachments Exclude Details elements from HTML sanitization for inline attachments Jan 14, 2021
ChrisBAshton
ChrisBAshton reviewed Jan 15, 2021
View reviewed changes
Copy link
Contributor

@ChrisBAshton ChrisBAshton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, and nice easy-to-follow commits 👍 Just one suggestion below.

Gemfile.lock Show resolved Hide resolved
@edwardkerry edwardkerry force-pushed the detailed-guide-acc-req-show-hide branch 2 times, most recently from 1ee6db8 to 5852de6 Compare January 15, 2021 10:10
@edwardkerry
Bump Govspeak 6.5.10 => 6.6.0
7b57237
@edwardkerry
Exclude Details elements from HTML sanitization for inline attachments
e930480 
Inline attachments are wrapped in a `<details>` HTML element which is
being sanitized and removed by Govspeak. This is preventing a JS module
from attaching and results in the accessible format request block
always being expanded.

This change allows editions with inline attachments to request
that Govspeak excludes the `details` element from sanitization
by submitting it as a string in the optional
`allowed_elements` array
@edwardkerry edwardkerry force-pushed the detailed-guide-acc-req-show-hide branch from 5852de6 to e930480 Compare January 15, 2021 10:23
@edwardkerry edwardkerry merged commit 972d5e5 into master Jan 15, 2021
@edwardkerry edwardkerry deleted the detailed-guide-acc-req-show-hide branch January 15, 2021 10:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevindew kevindew kevindew left review comments

@ChrisBAshton ChrisBAshton ChrisBAshton approved these changes

@thomasleese thomasleese thomasleese approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@edwardkerry @kevindew @thomasleese @ChrisBAshton