all repos — grayfriday @ be9cbc634a630f5e9d75a3e3d985152b17305b2f

blackfriday fork with a few changes 

tagWhitelist allows alignment attribute now

This is the closest I could get to removing everything "unsave" without introducing an additional regex.
willnix frieder.steinmetz@gmail.com
Sat, 19 Apr 2014 21:59:04 +0000
commit

be9cbc634a630f5e9d75a3e3d985152b17305b2f

parent

c1e49967874c1bf3b4ecb804dee11dd73e50179a

1 files changed, 8 insertions(+), 1 deletions(-)

jump to
M html.gohtml.go 
@@ -78,8 +78,15 @@ "thead",
 		"tbody",
 		
 	}
+	
+	alignments = []string{
+		"left",
+		"right",
+		"center",
+	}
+
 	urlRe        = `((https?|ftp):\/\/|\/)[-A-Za-z0-9+&@#\/%?=~_|!:,.;\(\)]+`
-	tagWhitelist = regexp.MustCompile(`^(<\/?(` + strings.Join(tags, "|") + `)>|<(br|hr)\s?\/?>)$`)
+	tagWhitelist = regexp.MustCompile(`^(<\/?(` + strings.Join(tags, "|") + `)(\salign="(` + strings.Join(alignments, "|") + `)")?>|<(br|hr)\s?\/?>)$`)
 	anchorClean  = regexp.MustCompile(`^(<a\shref="` + urlRe + `"(\stitle="[^"<>]+")?\s?>|<\/a>)$`)
 	imgClean     = regexp.MustCompile(`^(<img\ssrc="` + urlRe + `"(\swidth="\d{1,3}")?(\sheight="\d{1,3}")?(\salt="[^"<>]*")?(\stitle="[^"<>]*")?\s?\/?>)$`)
 	// TODO: improve this regexp to catch all possible entities: