Skip to content

[HtmlSanitizer] Add support for configuring the default action #57399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 29, 2024
Merged

[HtmlSanitizer] Add support for configuring the default action #57399

merged 1 commit into from
Jun 29, 2024

Conversation

Seldaek
Copy link
Member

@Seldaek Seldaek commented Jun 14, 2024
edited by OskarStark
Loading

Q A
Branch? 7.2
Bug fix? no
New feature? yes
Deprecations? no
Issues Fix #48358
License MIT

The default action can be set to block or allow unconfigured elements instead of dropping them

Kinda replaces #49920 but it would need some work on the configuration handling side to allow configuring default actions. I am just using this as a library so I am not so keen on doing that part sorry but maybe @Neirda24 might want to take care of it if this PR gets accepted.

@carsonbot carsonbot added this to the 7.2 milestone Jun 14, 2024
@Seldaek Seldaek force-pushed the sanitizer_default_action branch from fe8b477 to cf29db7 Compare June 14, 2024 13:37
nicolas-grekas
nicolas-grekas approved these changes Jun 24, 2024
View reviewed changes
Copy link
Member

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but please mind the remaining minor comments.
Anyone up to do the remaining steps in FramewoorkBundle?

@Neirda24
Copy link
Contributor

LGTM but please mind the remaining minor comments. Anyone up to do the remaining steps in FramewoorkBundle?

Remaining steps would be to make this configuration available through the semantic configuration ? I'd be happy to try it out.

@Seldaek Seldaek force-pushed the sanitizer_default_action branch from cf29db7 to a36fc54 Compare June 24, 2024 19:50
@Seldaek
Copy link
Member Author

Seldaek commented Jun 24, 2024

Alright I applied fixes for all feedback received.

@Neirda24 yes it would be making sure one can specify a default action in the sanitizer config in FrameworkBundle. Great if you can do that thanks!

@Seldaek
[HtmlSanitizer] Add support for configuring the default action to blo…
4fd1c4c 
…ck or allow unconfigured elements instead of dropping them
@Seldaek Seldaek force-pushed the sanitizer_default_action branch from a36fc54 to 4fd1c4c Compare June 24, 2024 19:58
@fabpot
Copy link
Member

fabpot commented Jun 29, 2024

Thank you @Seldaek.

@fabpot fabpot merged commit 98f511e into symfony:7.2 Jun 29, 2024
5 of 10 checks passed
@fabpot fabpot mentioned this pull request Jun 29, 2024
Open
@Seldaek Seldaek deleted the sanitizer_default_action branch July 3, 2024 09:42
@Neirda24 Neirda24 mentioned this pull request Jul 4, 2024
Open
@fabpot fabpot mentioned this pull request Oct 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kocal Kocal Kocal left review comments

@Neirda24 Neirda24 Neirda24 left review comments

@fabpot fabpot fabpot approved these changes

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

Assignees
No one assigned
Labels
Feature HtmlSanitizer Status: Reviewed
Projects
None yet
Milestone
7.2
Development

Successfully merging this pull request may close these issues.

[HtmlSanitizer] Add a blockAll helper
6 participants
@Seldaek @Neirda24 @fabpot @nicolas-grekas @Kocal @carsonbot