
RemexStripTagHandler should strip <style> contents
Open, Needs Triage, Public

Description

Sanitizer::stripAllTags() (implemented by RemexStripTagHandler) tends to be used by application code as a rough equivalent of Element.innerText, which causes bugs with TemplateStyles <style> tags - the tag is stripped but the raw CSS is rendered as text. See e.g. T219138: TemplateStyles CSS appears in notification text. It should either behave somewhat along those lines and remove the contents of non-visual tags like <style> or <script>, or a separate utility should be available for that purpose.
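The behaviour described above, as an added example that is not MediaWiki's or RemexHtml's code: it uses Python's standard-library `html.parser` on a constructed notification fragment to compare a stripper that only drops tags with one that also drops the contents of `<style>` and `<script>`. The names `strip_tags`, `NON_VISUAL` and `SAMPLE` are assumptions of this example.

```python
from html.parser import HTMLParser

# Elements whose text content is never rendered (list assumed for this example).
NON_VISUAL = {"style", "script"}

# Constructed input: TemplateStyles-like CSS followed by visible text.
SAMPLE = ('<style>.ts-note{color:red}</style>'
          '<span class="ts-note">Alice</span> mentioned you')


class _TextExtractor(HTMLParser):
    def __init__(self, skip_non_visual):
        super().__init__(convert_charrefs=True)
        self.skip_non_visual = skip_non_visual
        self.parts = []
        self._hidden = []  # stack of currently open non-visual elements

    def handle_starttag(self, tag, attrs):
        if self.skip_non_visual and tag in NON_VISUAL:
            self._hidden.append(tag)

    def handle_endtag(self, tag):
        if self._hidden and self._hidden[-1] == tag:
            self._hidden.pop()

    def handle_data(self, data):
        # Text inside <style>/<script> reaches us as ordinary data;
        # keep it only when we are not inside a hidden element.
        if not self._hidden:
            self.parts.append(data)


def strip_tags(html, skip_non_visual):
    """Return the text of `html` with all tags removed.

    skip_non_visual=False mirrors the reported behaviour (CSS leaks into text);
    skip_non_visual=True also discards <style>/<script> contents.
    """
    parser = _TextExtractor(skip_non_visual)
    parser.feed(html)
    parser.close()
    return " ".join("".join(parser.parts).split())


if __name__ == "__main__":
    print(strip_tags(SAMPLE, skip_non_visual=False))
    print(strip_tags(SAMPLE, skip_non_visual=True))
```

Either way the result is plain text, not safe HTML, so it still has to be escaped when written into a page.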