Comments (6)
mganss
commented on June 8, 2024
4
This was at a time when we still used CsQuery, so it no longer works with AngleSharp which is what we are currently using. Now you can just use the AllowDataAttributes property:
sanitizer.AllowDataAttributes = true;from htmlsanitizer.
mganss
commented on June 8, 2024
Yes. Data attributes are by default removed, this will allow them:
var sanitizer = new HtmlSanitizer();
sanitizer.RemovingAttribute += (s, e) => e.Cancel = e.Attribute.Key.StartsWith("data-");from htmlsanitizer.
304NotModified
commented on June 8, 2024
thx
from htmlsanitizer.
jaysee260
commented on June 8, 2024
Hello @mganss.
I came across this thread because I was looking into how to enable data-* attributes.
I tried this
sanitizer.RemovingAttribute += (s, e) => e.Cancel = e.Attribute.Key.StartsWith("data-");But am getting an error saying:
Error CS1061 'IAttr' does not contain a definition for 'Key' and no accessible extension method 'Key' accepting a first argument of type 'IAttr' could be found (are you missing a using directive or an assembly reference?)
I looked into IAttr's definition and there is not a Key property, but there is Name.
Will this achieve the same results?
sanitizer.RemovingAttribute += (s, e) => e.Cancel = e.Attribute.Name.StartsWith("data-");from htmlsanitizer.
jaysee260
commented on June 8, 2024
For anyone who might run into this:
Just tested it and it does work.
from htmlsanitizer.
jaysee260
commented on June 8, 2024
Hah! Even better. Thanks!
from htmlsanitizer.
Related Issues (20)
- Redirect to another mobile app link is getting removed by Ganss XSS HtmlFormatter. HOT 3
- Sanitizing xml with Body Tag HOT 1
- The class Ganss.Xss.HtmlSanitizer has no constructors defined. HOT 4
- Sanitizer removing inline child combinator CSS selectors HOT 3
- Upgrade AngleSharp dependency HOT 2
- Can upgrade the version of AngelSharp to 1.0.5? HOT 1
- Why is the AngleSharp dependency not at 1.0?
- I updated to the latest HtmlSanitizer - 8.0.746 and it won't run HOT 3
- Strange sanitizing of <style>, <title> and <iframe> tags HOT 18
- Update AngleSharp 1.0.6 HOT 1
- Style attribute triggers a RemovingAttribute Event with an empty value HOT 8
- How to convert < into < and similar things using HtmlSanitizer.sanitize call HOT 3
- list-style-type cjk-ideographic is not allowed? HOT 2
- Newer list-style-type values unsupported HOT 1
- Configuration option to bypass changes for security advisory HOT 10
- Sanitize Vue.js scripts HOT 1
- MSO conditional comments HOT 2
- htmlsanitizer is missing NuGet package README file HOT 1
- AngleSharp missing dependency HOT 2
- Url extra escaping HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from htmlsanitizer.