Frontend-side purification became too complex and hard to maintain.
It may be more efficient (traffic, speed) to transfer already sanitized content to the frontend.
By keeping purification on the server side, we can ensure that all clients receive clean and consistent content, regardless of their individual capabilities or limitations.
It is also a more secure approach, as it reduces the risk of malicious content being executed on the client side.
Notes:
We already have partial sanitization on the backend via feedparser (docs); however, we need more control over the purification process, and we may also need an unpurified version of the content for some use cases (e.g., integration plugins).
We may want to store 2 versions of the entry body and title: raw and sanitized+normalized.
Notes: