Skip to content

Commit

Permalink
Merge pull request #529 from zadeviggers/patch-1
Browse files Browse the repository at this point in the history
Add common image attributes
  • Loading branch information
boutell authored Jan 25, 2022
2 parents 379b55b + 1971a57 commit 7338f8b
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 8 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# Changelog

## 2.7.0 (2022-01-25)

- Allows a more sensible set of default attributes on `<img />` tags.

## 2.6.1 (2021-12-08)

- Fixes style filtering to retain `!important` when used.
Expand Down
7 changes: 3 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,9 @@ allowedTags: [
disallowedTagsMode: 'discard',
allowedAttributes: {
a: [ 'href', 'name', 'target' ],
// We don't currently allow img itself by default, but this
// would make sense if we did. You could add srcset here,
// and if you do the URL is checked for safety
img: [ 'src' ]
// We don't currently allow img itself by default, but
// these attributes would make sense if we did.
img: [ 'src', 'srcset', 'alt', 'title', 'width', 'height', 'loading' ]
},
// Lots of these won't come up by default because we don't allow them
selfClosing: [ 'img', 'br', 'hr', 'area', 'base', 'basefont', 'input', 'link', 'meta' ],
Expand Down
7 changes: 3 additions & 4 deletions index.js
Original file line number Diff line number Diff line change
Expand Up @@ -780,10 +780,9 @@ sanitizeHtml.defaults = {
disallowedTagsMode: 'discard',
allowedAttributes: {
a: [ 'href', 'name', 'target' ],
// We don't currently allow img itself by default, but this
// would make sense if we did. You could add srcset here,
// and if you do the URL is checked for safety
img: [ 'src' ]
// We don't currently allow img itself by default, but
// these attributes would make sense if we did.
img: [ 'src', 'srcset', 'alt', 'title', 'width', 'height', 'loading' ]
},
// Lots of these won't come up by default because we don't allow them
selfClosing: [ 'img', 'br', 'hr', 'area', 'base', 'basefont', 'input', 'link', 'meta' ],
Expand Down

0 comments on commit 7338f8b

Please sign in to comment.