You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Related to the suggestion for a sanitise function in #225 (comment), and issue #313 and PR #406. A function to sanitise the raw HTML would be useful to enable specifying a white list of tags, their attributes and the attribute's values. In my current use case I would like to allow:
For any one else interested I've simplified the tweet embedding to:
<tweetid="801270269184647168"/>
constMARKDOWN_OPTIONS: MarkdownToJSX.Options={overrides:
{// ...// If there is any text inside the script tag then render this, otherwise render nothing.script: (props: {children: string})=>props.children,iframe: (props: {children: string})=>props.children,tweet: (props: {id: string})=>{constsrc=`https://platform.twitter.com/embed/Tweet.html?dnt=false&frame=false&hideCard=false&hideThread=false&id=${props.id}&lang=en-gb&theme=light&widgetsVersion=0a8eea3%3A1643743420422&width=400px"`return<iframesrc={src}scrolling="no"frameBorder={0}allowTransparency={true}allowFullScreen={true}style={{width: 401,height: 624}}/>},// ...},}
Related to the suggestion for a sanitise function in #225 (comment), and issue #313 and PR #406. A function to sanitise the raw HTML would be useful to enable specifying a white list of tags, their attributes and the attribute's values. In my current use case I would like to allow:
And deny all other HTML tags, attributes and attribute values.
Would there be interest in supporting such a function?
The text was updated successfully, but these errors were encountered: