Skip to content

Instantly share code, notes, and snippets.

@coolaj86

coolaj86/Github-HTML-Whitelist.md

Last active October 2, 2024 17:20
Show Gist options
  • Save coolaj86/89821fe046623d5503ce5c4133e70506 to your computer and use it in GitHub Desktop.
Save coolaj86/89821fe046623d5503ce5c4133e70506 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Github-HTML-Whitelist.md

What HTML Tags & Attributes Does Github Allow?

Re:

      WHITELIST = {
        :elements => %w(
          h1 h2 h3 h4 h5 h6 h7 h8 br b i strong em a pre code img tt
          div ins del sup sub p ol ul table thead tbody tfoot blockquote
          dl dt dd kbd q samp var hr ruby rt rp li tr td th s strike
        ),
        :remove_contents => ['script'],
        :attributes => {
          'a' => ['href'],
          'img' => ['src'],
          'div' => ['itemscope', 'itemtype'],
          :all  => ['abbr', 'accept', 'accept-charset',
                    'accesskey', 'action', 'align', 'alt', 'axis',
                    'border', 'cellpadding', 'cellspacing', 'char',
                    'charoff', 'charset', 'checked', 'cite',
                    'clear', 'cols', 'colspan', 'color',
                    'compact', 'coords', 'datetime', 'dir',
                    'disabled', 'enctype', 'for', 'frame',
                    'headers', 'height', 'hreflang',
                    'hspace', 'ismap', 'label', 'lang',
                    'longdesc', 'maxlength', 'media', 'method',
                    'multiple', 'name', 'nohref', 'noshade',
                    'nowrap', 'prompt', 'readonly', 'rel', 'rev',
                    'rows', 'rowspan', 'rules', 'scope',
                    'selected', 'shape', 'size', 'span',
                    'start', 'summary', 'tabindex', 'target',
                    'title', 'type', 'usemap', 'valign', 'value',
                    'vspace', 'width', 'itemprop']
        },

Limited Whitelist

<b>
<i>
<strong>
<em>
<a>
<pre>
<code>
<img>
<ins>
<del>
<sup>
<sub>
<mark>
<abbr>
<p>
<ol>
<ul>
<li>

<b>Hello!</b>: Hello!

<i>Hello!</i>: Hello!

<strong>Hello!</strong>: Hello!

<em>Hello!</em>: Hello!

<a>Hello!</a>: Hello!

<pre>Hello!</pre>: 

Hello!

<code>Hello!</code>: Hello!

<img alt="A Warm Hello!" title="Hello, World!" src="https://i.imgur.com/MdueLu9.gif" width="64" />: A Warm Hello!

<ins>Hello!</ins>: Hello!

<del>Hello!</del>: Hello!

Hello!<sup>Hello!</sup>: Hello!Hello!

Hello!<sub>Hello!</sub>: Hello!Hello!

<mark>Hello!</mark>: Hello!

<abbr title="Hello World!">Hello!</abbr>: Hello!

<p>Hello!</p>:

Hello!


<ol><li>Hello!</li></ol>:

  1. Hello!

<ul><li>Hello!</li></ul>:

  • Hello!

Full Whitelist

<h1>Hello!</h1>


<h2>Hello!</h2>


<h3>Hello!</h3>


<h4>Hello!</h4>


<h5>Hello!</h5>

<h6>Hello!</h6>

<h7>Hello!</h7>

<h8>Hello!</h8>


<br>Hello!</br>

<b>Hello!</b>

<i>Hello!</i>

<strong>Hello!</strong>

<em>Hello!</em>

<a>Hello!</a> 

<pre>Hello!</pre>

<code>Hello!</code>

<img>Hello!</img>

<tt>Hello!</tt>

<div>Hello!</div>

<ins>Hello!</ins>

<del>Hello!</del>

<sup>Hello!</sup>

<sub>Hello!</sub>

<p>Hello!</p>


    <ol>Hello!</ol>

    <ul>Hello!</ul>

<table>Hello!</table>
<thead>Hello!</thead>
<tbody>Hello!</tbody>
<tfoot>Hello!</tfoot>
<blockquote>Hello!</blockquote>

<dl>Hello!</dl>

<dt>Hello!</dt>

<dd>Hello!</dd>

<kbd>Hello!</kbd>

<q>Hello!</q>

<samp>Hello!</samp>

<var>Hello!</var>

<hr>Hello!</hr>

<ruby>Hello!</ruby>

<rt>Hello!</rt>

<rp>Hello!</rp>

  • <li>Hello!</li>

    • <tr>Hello!</tr>
    <td>Hello!</td>
    <th>Hello!</th>

    <s>Hello!</s>

    <strike>Hello!</strike>

    <summary>Hello!</summary>
    <details>Hello!</details>

    <caption>Hello!</caption>
    <figure>Hello!</figure>
    <figcaption>Hello!</figcaption>

    <abbr>Hello!</abbr>

    <bdo>Hello!</bdo>

    <cite>Hello!</cite>

    <dfn>Hello!</dfn>

    <mark>Hello!</mark>

    <small>Hello!</small>

    <span>Hello!</span>

    <time>Hello!</time>

    <wbr>Hello!</wbr>

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment