
Support `picture` tag for markdown pages

Open ilfa opened this issue 3 years ago • 4 comments

Hi!

Can you keep the picture tag for markdown pages instead of omitting it?

ilfa avatar Jul 26 '22 14:07 ilfa

@jonasfj: should we add this to package:sanitize_html?

isoos avatar Jul 26 '22 15:07 isoos

I can do a PR in package:sanitize_html if it will help.

ilfa avatar Jul 27 '22 10:07 ilfa

Yes, I'm down with adding this to package:sanitize_html, feel free to make a PR.


But I don't see this in: https://github.github.com/gfm/ OR: https://github.com/gjtorikian/html-pipeline/blob/main/lib/html/pipeline/sanitization_filter.rb

I'm not inclined to support tags not specified in the GFM spec or sanitization_filter.rb. Maybe GitHub is now using a different sanitization library, but then we should hopefully be able to find some canonical reference documentation or code for this behavior.

Linking to GitHub user documentation does not seem like a good idea.

In short, I would strongly prefer if package:sanitize_html is just an arbitrary set of rules we've "guessed" to be okay. I would strongly prefer that the rules in the package are just an implementation of rules implemented somewhere else that we can reference. Otherwise, next time someone asks for a "feature" we have to discuss it, and worse, we might need to investigate the security implications.

jonasfj avatar Aug 23 '22 11:08 jonasfj

> But I don't see this in: https://github.github.com/gfm/

That spec specifically allows all html tags except for a deny-list.

The html-pipeline FAQ mentions an allow-list, so much less opinionated than our sanitize_html: https://github.com/gjtorikian/html-pipeline/tree/main?tab=readme-ov-file#2-how-do-i-customize-an-allowlist-for-sanitizationfilters

Maybe we can add such a list to sanitize_html?

This issue still seems relevant.

sigurdm avatar Nov 27 '25 09:11 sigurdm
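
The two policies contrasted in this thread, as an added example that is not part of the discussion and is not code from package:sanitize_html or html-pipeline. The deny-list is the tag set from the GFM "Disallowed Raw HTML" extension, applied with an approximating regex; the allow-lists, function names and sample markup are hypothetical and constructed for illustration.

```python
import html
import re
from html.parser import HTMLParser

# Deny-list policy: GFM's "Disallowed Raw HTML" extension neutralises these tags only.
GFM_DENIED = ("title", "textarea", "style", "xmp", "iframe",
              "noembed", "noframes", "script", "plaintext")
_DENIED_RE = re.compile(r"<(?=/?(?:%s)[\s/>])" % "|".join(GFM_DENIED), re.I)

def gfm_tagfilter(markup):
    return _DENIED_RE.sub("&lt;", markup)

# Hypothetical allow-lists (tag -> permitted attributes); not sanitize_html's rules.
BASE_ALLOWED = {"p": set(), "em": set(), "img": {"src", "alt"}}
WITH_PICTURE = {**BASE_ALLOWED, "picture": set(), "source": {"srcset", "media"}}

def _urls_ok(name, value):
    """src/srcset carry URLs: keep the attribute only if every URL is http(s)."""
    if name not in ("src", "srcset"):
        return True
    urls = [c.split()[0] for c in value.split(",") if c.strip()]
    return bool(urls) and all(re.match(r"https?://", u, re.I) for u in urls)

class _AllowList(HTMLParser):
    def __init__(self, allowed):
        super().__init__(convert_charrefs=True)
        self.allowed, self.out = allowed, []
    def handle_starttag(self, tag, attrs):
        if tag not in self.allowed:
            return  # unlisted element: drop the tag, its text is kept escaped
        kept = [(k, v) for k, v in attrs
                if k in self.allowed[tag] and v and _urls_ok(k, v)]
        self.out.append("<%s%s>" % (tag, "".join(
            ' %s="%s"' % (k, html.escape(v)) for k, v in kept)))
    def handle_endtag(self, tag):
        if tag in self.allowed and tag not in ("img", "source"):
            self.out.append("</%s>" % tag)
    def handle_data(self, data):
        self.out.append(html.escape(data))

def allowlist_sanitize(markup, allowed):
    parser = _AllowList(allowed)
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)

SAMPLE = ('<picture><source srcset="https://example.com/dark.png 1x">'  # constructed
          '<img src="https://example.com/light.png" alt="logo"></picture>'
          '<script>alert(1)</script>')
```

Under the deny-list `<picture>` passes untouched; under the allow-list it survives only once `picture` and `source` are listed, and `srcset` then needs the same URL checks as `src`.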