This returns an element wrapping sanitized content, using a whitelist for html tags and attributes,
and a blacklist for css. Javascript is never allowed.
It scans all URLs it allows and rejects
You can tweak the allowed features with the HtmlFeatures enum.
Note: you might want to use innerText for most user content. This is meant if you want to
give them a big section of rich text.
userContent should just be a basic div, holding the user's actual content.
This returns an element wrapping sanitized content, using a whitelist for html tags and attributes, and a blacklist for css. Javascript is never allowed.
It scans all URLs it allows and rejects
You can tweak the allowed features with the HtmlFeatures enum.
Note: you might want to use innerText for most user content. This is meant if you want to give them a big section of rich text.
userContent should just be a basic div, holding the user's actual content.
FIXME: finish writing this