Parsoid/Todo:Sanitizer

From mediawiki.org

Tracked in Bug 39179

Sanitizer[edit]

Overall the sanitizer should be pretty solid as a relatively straight port of its PHP cousin.

  • Check whether there is adequate test coverage in parserTests.txt and/or other php sanitizer tests.
  • If not, add additional tests to parserTests.txt
  • Go through ext.core.Sanitizer.js and look at FIXMEs -- there are a couple that merit attention.
  • Understand what the correct behavior is when the same attribute is defined multiple times. Parsoid duplicates PHP parser behavior. So, both PHP sanitizer and Parsoid might need fixing.
    • Ex: <p style="color:blue;font-weight:bold;" style="display:none;">foo</p> In Firefox, foo is display in blue and bold (the first occurrence of style). But, the PHP parser hides foo (the second occurrence of style). What is the correct behavior?
    • We follow PHP behavior to preserve semantics. That is the correct thing to do.
Retrieved from "https://www.mediawiki.org/w/index.php?title=Parsoid/Todo:Sanitizer&oldid=632544"