Skip to content
This repository has been archived by the owner on Apr 3, 2024. It is now read-only.

Allow <details> and <summary> elements through sanitizer #333

Merged
merged 1 commit into from Feb 23, 2017
Merged

Allow <details> and <summary> elements through sanitizer #333

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/sanitize.js
View file
Open in desktop
Expand Up @@ -5,7 +5,7 @@ var sanitizer = module.exports = function (html) {

sanitizer.config = {
allowedTags: sanitizeHtml.defaults.allowedTags.concat([
'dd', 'del', 'div', 'dl', 'dt', 'h1', 'h2', 'iframe', 'img', 'input', 'ins', 'meta', 'path', 'pre', 's', 'span', 'sub', 'sup', 'svg'
'dd', 'del', 'details', 'div', 'dl', 'dt', 'h1', 'h2', 'iframe', 'img', 'input', 'ins', 'meta', 'path', 'pre', 's', 'span', 'sub', 'summary', 'sup', 'svg'
]),
allowedClasses: {
a: ['anchor'],
Expand Down
7 changes: 7 additions & 0 deletions test/sanitize.js
View file
Open in desktop
Expand Up @@ -182,4 +182,11 @@ describe('sanitize', function () {
assert.equal($('img').attr('src'), 'http://example.com/an%20image.png')
assert.equal($('a').attr('href'), 'http://example.com/link%20me.html')
})

it('allows the <details>/<summary> elements', function () {
var src = '# Test\n\n<details><summary>Summary here</summary>\nLong long information, War & Peace, etc...</details>\n'
var $ = cheerio.load(marky(src))
assert.equal($('details').length, 1)
assert.equal($('summary').length, 1)
})
})