Keep <kbd>, <samp>, and <var> tags when sanitizing HTML

This commit is contained in:
cketti 2022-10-24 12:12:15 +02:00
parent 863222f658
commit be8bb25874
2 changed files with 22 additions and 3 deletions

View file

@ -13,7 +13,7 @@ internal class BodyCleaner {
init { init {
val allowList = Safelist.relaxed() val allowList = Safelist.relaxed()
.addTags("font", "hr", "ins", "del", "center", "map", "area", "title", "tt") .addTags("font", "hr", "ins", "del", "center", "map", "area", "title", "tt", "kbd", "samp", "var")
.addAttributes("font", "color", "face", "size") .addAttributes("font", "color", "face", "size")
.addAttributes("a", "name") .addAttributes("a", "name")
.addAttributes("div", "align") .addAttributes("div", "align")

View file

@ -447,7 +447,26 @@ class HtmlSanitizerTest {
@Test @Test
fun `should keep 'tt' element`() { fun `should keep 'tt' element`() {
val html = """<tt>some text</tt>""" assertTagsNotStripped("tt")
}
@Test
fun `should keep 'kbd' element`() {
assertTagsNotStripped("kbd")
}
@Test
fun `should keep 'samp' element`() {
assertTagsNotStripped("samp")
}
@Test
fun `should keep 'var' element`() {
assertTagsNotStripped("var")
}
private fun assertTagsNotStripped(element: String) {
val html = """<$element>some text</$element>"""
val result = htmlSanitizer.sanitize(html) val result = htmlSanitizer.sanitize(html)
@ -456,7 +475,7 @@ class HtmlSanitizerTest {
<html> <html>
<head></head> <head></head>
<body> <body>
<tt>some text</tt> <$element>some text</$element>
</body> </body>
</html> </html>
""".trimIndent().trimLineBreaks() """.trimIndent().trimLineBreaks()