New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow data-attributes to pass through AMP sanitizer. #5504
Conversation
@@ -157,6 +161,8 @@ export function sanitizeHtml(html) { | |||
for (let i = 0; i < attribs.length; i += 2) { | |||
if (WHITELISTED_ATTRS.indexOf(attribs[i]) != -1) { | |||
attribs[i + 1] = savedAttribs[i + 1]; | |||
} else if (attribs[i].search(WHITELISTED_ATTR_PREFIX_REGEX) == 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not entirely sure this needs to be a Regex, but thought might be useful in the future if we need to whitelist more prefixes. However, happy to change this to just a simple indexOf('data-') == 0
check instead for speed. LMK.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is #search
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow! Never used it!
LGTM |
@@ -157,6 +161,8 @@ export function sanitizeHtml(html) { | |||
for (let i = 0; i < attribs.length; i += 2) { | |||
if (WHITELISTED_ATTRS.indexOf(attribs[i]) != -1) { | |||
attribs[i + 1] = savedAttribs[i + 1]; | |||
} else if (attribs[i].search(WHITELISTED_ATTR_PREFIX_REGEX) == 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow! Never used it!
Fixes #5281