Clean up Content HTML #17
Comments
|
I think we can start implementing a default sanitizer using https://github.com/apostrophecms/sanitize-html and then we can change the configuration to only have the tags and attributes we want, but at least in the meantime, we avoid things like XSS. |
|
Sounds great! @damianmarti It's a good start. |
|
@damianmarti Also, I think we can remove the the "style" attr (The most important one) and maybe "class" too. What do you think? |
|
Let's index all the content from each HTML document, show a summary (or a small text around the searched term) for each document at the search result and then link to the original content. Something like Google does. Sounds good to you? |
Yes, we can remove all the styling attributes. |
It's on seed.ts (in the future it will be a util that we'll use to clean data before updating the database with contributions)
Let's discuss what we should clean in the HTML that we are importing. We for sure want to leave all the HTML tags (p, ul, etc) but maybe we want to remove some stuff: some attributes? buttons? should we keep all links?
We should also have a basic styling for the HTML (tables, p, ul list, etc)
cc @amy-jung
The text was updated successfully, but these errors were encountered: