It's not working as it should ?

Question

It's not working as it should ?

Closed this issue 2 years ago · 3 comments

ivanradojevic-web-dev commented 4 years ago

$config = ['HTML.ForbiddenElements' => 'span[style]'];

$cleaned = Purify::clean($cleaned_content, $config);

return $cleaned; 

//result <span style="font-weight:400;"> is still there

Answer 1 · 2021-08-20T15:34:11.000Z

@ivanradojevic-web-dev with this one it works:

$config = ['HTML.ForbiddenElements' => 'span[style]', 'CSS.AllowedProperties' => ''];

$cleaned_content = '<span style="font-weight:400;">';

$cleaned = Purify::clean($cleaned_content, $config);

return $cleaned; 

=> "<span></span>"

Answer 2 · 2022-04-21T17:14:37.000Z

For forbidden elements, i think we should only pass the element itself for it to work. like this:
$config = ['HTML.ForbiddenElements' => 'span'];

Example:

$content = '<span> Hello world </span>';
$cleaned = Purify::clean($content, $config);
//result Hello World

But if you would like to remove the style but keeping the span element, you should be using 'HTML.Allowed'.
$config = ['HTML.Allowed' => 'span'];

Example:

$content = '<span style="font-weight:400;> Hello world </span>';
$cleaned = Purify::clean($content, $config);
//result <span> Hello world </span>

Answer 3 · 2022-04-21T19:43:58.000Z

Thanks for clarifying that @kotakSempit! 🙏

Closing due to inactivity from OP.