Parsoid/Todo:Sanitizer
< Parsoid
Tracked in Bug 39179
Sanitizer[edit]
Overall the sanitizer should be pretty solid as a relatively straight port of its PHP cousin.
- Check whether there is adequate test coverage in parserTests.txt and/or other php sanitizer tests.
- If not, add additional tests to parserTests.txt
- Go through ext.core.Sanitizer.js and look at FIXMEs -- there are a couple that merit attention.
- Understand what the correct behavior is when the same attribute is defined multiple times. Parsoid duplicates PHP parser behavior. So, both PHP sanitizer and Parsoid might need fixing.
- Ex: <p style="color:blue;font-weight:bold;" style="display:none;">foo</p> In Firefox, foo is display in blue and bold (the first occurrence of style). But, the PHP parser hides foo (the second occurrence of style). What is the correct behavior?
- We follow PHP behavior to preserve semantics. That is the correct thing to do.