Draft: Remove data-* attributes from dompurify configuration
What does this MR do and why?
This change makes the sanitizer more restrictive by disabling all data-* attributes by default. This should improve security by preventing potential attacks through data attributes.
References
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Dheeraj Joshi