feat: Add AllowUnsafeText method to Policy for handling unsafe text input #219
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new option to the HTML sanitizer policy, allowing for more flexible handling of unsafe text content. The main change is the addition of the
AllowUnsafeTextfeature, which lets users control whether raw text in HTML is sanitized or left as-is. This is accompanied by updates to the sanitizer logic and new tests to verify the behavior.New Feature: Allow Unsafe Text
allowUnsafeTextfield to thePolicystruct to track the new option.AllowUnsafeTextmethod inPolicy, enabling users to set the option via the API.Sanitization Logic Update
sanitizefunction to conditionally write raw text or escape it, based on the value ofallowUnsafeText.Testing
TestAllowUnsafeTexttopolicy_test.goto verify that the sanitizer behaves correctly when the new option is enabled, ensuring unsafe tags are removed and text is handled as expected.