pickle-weasle

Results 3 comments of pickle-weasle

Sanitizing `<image src=...>` results in misnested tag output.

Hey @mikesamuel, yes I'm doing something similar to the example you pasted. Not sure what you mean by _"but without the custom ElementPolicy it does not."_ Surely there'd be no...

Sanitizing `<image src=...>` results in misnested tag output.

Pretty sure this is fixed in the newer releases, cheers Mike!

add example code and docs to demonstrate matching data: and tel: URLs

Can't this be achieved with just `this.policy = this.policy.allowUrlProtocols("tel","data");` In the [readme ](https://github.com/OWASP/java-html-sanitizer)there is the following: > PolicyFactory policy = new HtmlPolicyBuilder() > .allowElements("a") > **.allowUrlProtocols("https")** > .allowAttributes("href").onElements("a") > .requireRelNofollowOnLinks()...