This repository was archived by the owner on Dec 15, 2022. It is now read-only.
This repository was archived by the owner on Dec 15, 2022. It is now read-only.
Remove arbitrary HTML from header and footer #20
Description
Arbitrary HTML could be removed frontend before sending to sandbox by creating a fragment from the css and js segments and disallowing any visible content.
This would make the plugin compatible with a wider range of themes and plugins, assisting in reducing the prevalence of themes and plugins in #7
- Upon successful response body
- Create a fragment with a wrapper element we can address from (reduces false positives from nested elements)
- create iterable discover list
querySelectorAllwithin the fragment using wrapper as namespace with only direct decedents on any nonscript,link,style,template(block visible elements) - remove all these direct descendents
- get innerHTML of the fragment wrapper
- send this to sandbox
Technically this means after receiving a response, parsing and modifying that response.
The reason I think this is best done Frontend is because it has a Real DOM to work with avoiding PHP, libxml and other parsing framework issues.
Drawbacks are additional complexity and iteration.