Necessary HTML tags and attributes for Trix

[alltom]

According to #121, sanitizing HTML is the responsibility of the code that passes the HTML to Trix. So it would be great if there were a list of tags & attributes that Trix needs in order to work, so that people know what HTML to allow in their sanitization step.

This is the list of tags and attributes I had to allow in my HTML sanitizer (in addition to the defaults) for Trix to work:

• Allow data-trix-attachment on <a> tags
• Allow <figure> tags
• Allow class on <figure> tags
• Allow <figcaption> tags
• Allow class on <figcaption> tags
• Allow <img> tags
• Allow width and height on <img> tags
• Allow <span> tags
• Allow class on <span> tags

If you change those or add new ones in future releases, I have to manually figure out what new tags and attributes to add to my whitelist. The only way I know to do that is by trying every Trix feature and looking at which ones don't seem to work.

[alltom]

Bumping this again because today I discovered that strike-through doesn't work on my site because I didn't know to whitelist it.

[nimi09]

would this issue be the right place to request the possibility to add the target="_blank" attr to the < a > tag?

[javan]

@nimi09 see #55 (comment)

[mitar]

This is what I use for sanitization. So in general only attachments are more complex.

[alltom]

Oh, good call. I guess a code version of my sanitization (and adding target="_blank" @nimi09) would be useful. Here's the gist.

[alltom]

Bumping again because headers didn't work after I upgraded.

[javan]

We don't plan to maintain a running list of tag names. You see the tags used for formatting attributes in https://github.com/basecamp/trix/blob/master/src/trix/config/text_attributes.coffee and https://github.com/basecamp/trix/blob/master/src/trix/config/block_attributes.coffee.