Fix sanitizer config

src/Package/Updater.php

@@ -42,6 +42,7 @@
 use App\Service\VersionCache;
 use Composer\Package\CompletePackageInterface;
 use Symfony\Component\HtmlSanitizer\HtmlSanitizer;
+use Symfony\Component\HtmlSanitizer\HtmlSanitizerAction;
 use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Mime\Address;
@@ -737,21 +738,19 @@ private function prepareReadme(string $readme, ?string $host = null, ?string $ow
             'dl', 'dd', 'dt',
             'pre', 'code', 'samp', 'kbd',
             'q', 'blockquote', 'abbr', 'cite',
-            'table', 'thead', 'tbody', 'th', 'tr', 'td',
-            'a', 'span',
-            'details', 'summary',
+            'table', 'thead', 'tbody', 'tr',
+            'span',
+            'summary',
         ];
 
         $config = (new HtmlSanitizerConfig());
+        $config = $config->defaultAction(HtmlSanitizerAction::Block);
+
         foreach ($elements as $el) {
             $config = $config->allowElement($el);
         }
 
         $config = $config
-            // TODO symfony/html-sanitizer:7.2 ->defaultAction(HtmlSanitizerAction::Block)
-            ->blockElement('div')
-            ->blockElement('article')
-            ->blockElement('g-emoji')
             ->allowElement('img', ['src', 'title', 'alt', 'width', 'height'])
             ->allowElement('a', ['href', 'target', 'id'])
             ->allowElement('td', ['colspan', 'rowspan'])

tests/Package/UpdaterTest.php

@@ -206,7 +206,7 @@ public function testReadmeParsing(): void
     {
         $readme = <<<'SOURCE'
 <div id="readme" class="md" data-path="README.md"><article class="markdown-body entry-content container-lg" itemprop="text"><h1>PROJECT NAME</h1><p dir="auto"><a target="_blank" rel="noopener noreferrer" href="docs/img/header.jpg"><img src="docs/img/header.jpg" alt="Fork CMS" style="max-width: 100%;"></a></p>
-<p dir="auto"><a href="https://github.com/forkcms/forkcms/actions?query&#61;workflow run-tests+branch%3Amaster"><img src="https://camo.githubusercontent.com/3e6124495dd6d2a2943f2bb8f9ddc1a021975e815a76c969d0e4ac2ee0c83044/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f666f726b636d732f666f726b636d732f72756e2d7465737473" alt="Build Status" data-canonical-src="https://img.shields.io/github/workflow/status/forkcms/forkcms/run-tests" style="max-width: 100%;"></a>
+<p dir="auto"><a href="https://github.com/forkcms/forkcms/actions?query&#61;workflow+run-tests+branch%3Amaster"><img src="https://camo.githubusercontent.com/3e6124495dd6d2a2943f2bb8f9ddc1a021975e815a76c969d0e4ac2ee0c83044/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f666f726b636d732f666f726b636d732f72756e2d7465737473" alt="Build Status" data-canonical-src="https://img.shields.io/github/workflow/status/forkcms/forkcms/run-tests" style="max-width: 100%;"></a>
 <a href="https://packagist.org/packages/forkcms/forkcms" rel="nofollow"><img src="https://camo.githubusercontent.com/079cfede4022aeaf86ef7121aee97d41c7fb2a4978313be826fb97ff97f9ea49/68747470733a2f2f706f7365722e707567782e6f72672f666f726b636d732f666f726b636d732f762f737461626c65" alt="Latest Stable Version" data-canonical-src="https://poser.pugx.org/forkcms/forkcms/v/stable" style="max-width: 100%;"></a>
 <a href="https://packagist.org/packages/forkcms/forkcms" rel="nofollow"><img src="https://camo.githubusercontent.com/1688b5b9a70fd0d4b1617cabbaf2796581ee594959d7c8a133cfdc5adbeeb593/68747470733a2f2f706f7365722e707567782e6f72672f666f726b636d732f666f726b636d732f6c6963656e7365" alt="License" data-canonical-src="https://poser.pugx.org/forkcms/forkcms/license" style="max-width: 100%;"></a>
 <a href="http://codecov.io/github/forkcms/forkcms?branch=master" rel="nofollow"><img src="https://camo.githubusercontent.com/c23678264bfbf2c33e3e3ec01cd98cd14f555dd089cd9179f9711bd9e0e922fc/68747470733a2f2f636f6465636f762e696f2f67682f666f726b636d732f666f726b636d732f6272616e63682f6d61737465722f67726170682f62616467652e7376673f746f6b656e3d61686a373068564f3239" alt="Code Coverage" data-canonical-src="https://codecov.io/gh/forkcms/forkcms/branch/master/graph/badge.svg?token=ahj70hVO29" style="max-width: 100%;"></a>
@@ -218,7 +218,7 @@ public function testReadmeParsing(): void
 <li>Run <code>composer create-project forkcms/forkcms .</code> in your document root.</li>
 <li>Browse to your website</li>
 <li>Follow the steps on-screen</li>
-<li>Have fun!</li><a href="https://example.org?query=foo bar+baz"></a>
+<li>Have fun!</li><a href="https://example.org?query=foo+bar+baz"></a>
 </ol>
 <div class="markdown-heading" dir="auto"><h3 class="heading-element" dir="auto">Dependencies</h3><a id="user-content-dependencies" class="anchor" aria-label="Permalink: Dependencies" href="#dependencies"><svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg></a></div>
 <p dir="auto"><strong>Remark</strong>: If you are using GIT instead of composer create-project or the zip-file from <a href="http://www.fork-cms.com" rel="nofollow">http://www.fork-cms.com</a>, you
@@ -270,7 +270,7 @@ public function testReadmeParsing(): void
 
         self::assertSame(<<<'EXPECTED'
 <p><a target="_blank" href="https://github.com/foo/bar/blob/HEAD/docs/img/header.jpg" rel="nofollow noindex noopener external ugc"><img src="https://raw.github.com/foo/bar/HEAD/docs/img/header.jpg" alt="Fork CMS" /></a></p>
-<p><a href="https://github.com/forkcms/forkcms/actions?query&#61;workflow run-tests&#43;branch%3Amaster" rel="nofollow noindex noopener external ugc"><img src="https://camo.githubusercontent.com/3e6124495dd6d2a2943f2bb8f9ddc1a021975e815a76c969d0e4ac2ee0c83044/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f666f726b636d732f666f726b636d732f72756e2d7465737473" alt="Build Status" /></a>
+<p><a href="https://github.com/forkcms/forkcms/actions?query&#61;workflow&#43;run-tests&#43;branch%3Amaster" rel="nofollow noindex noopener external ugc"><img src="https://camo.githubusercontent.com/3e6124495dd6d2a2943f2bb8f9ddc1a021975e815a76c969d0e4ac2ee0c83044/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f776f726b666c6f772f7374617475732f666f726b636d732f666f726b636d732f72756e2d7465737473" alt="Build Status" /></a>
 <a href="https://packagist.org/packages/forkcms/forkcms" rel="nofollow noindex noopener external ugc"><img src="https://camo.githubusercontent.com/079cfede4022aeaf86ef7121aee97d41c7fb2a4978313be826fb97ff97f9ea49/68747470733a2f2f706f7365722e707567782e6f72672f666f726b636d732f666f726b636d732f762f737461626c65" alt="Latest Stable Version" /></a>
 <a href="https://packagist.org/packages/forkcms/forkcms" rel="nofollow noindex noopener external ugc"><img src="https://camo.githubusercontent.com/1688b5b9a70fd0d4b1617cabbaf2796581ee594959d7c8a133cfdc5adbeeb593/68747470733a2f2f706f7365722e707567782e6f72672f666f726b636d732f666f726b636d732f6c6963656e7365" alt="License" /></a>
 <a href="http://codecov.io/github/forkcms/forkcms?branch&#61;master" rel="nofollow noindex noopener external ugc"><img src="https://camo.githubusercontent.com/c23678264bfbf2c33e3e3ec01cd98cd14f555dd089cd9179f9711bd9e0e922fc/68747470733a2f2f636f6465636f762e696f2f67682f666f726b636d732f666f726b636d732f6272616e63682f6d61737465722f67726170682f62616467652e7376673f746f6b656e3d61686a373068564f3239" alt="Code Coverage" /></a>
@@ -282,7 +282,7 @@ public function testReadmeParsing(): void
 <li>Run <code>composer create-project forkcms/forkcms .</code> in your document root.</li>
 <li>Browse to your website</li>
 <li>Follow the steps on-screen</li>
-<li>Have fun!</li><a href="https://example.org?query&#61;foo bar&#43;baz" rel="nofollow noindex noopener external ugc"></a>
+<li>Have fun!</li><a href="https://example.org?query&#61;foo&#43;bar&#43;baz" rel="nofollow noindex noopener external ugc"></a>
 </ol>
 <h3 class="heading-element">Dependencies</h3><a id="user-content-dependencies" class="anchor" href="#user-content-dependencies" rel="nofollow noindex noopener external ugc"></a>
 <p><strong>Remark</strong>: If you are using GIT instead of composer create-project or the zip-file from <a href="http://www.fork-cms.com" rel="nofollow noindex noopener external ugc">http://www.fork-cms.com</a>, you