This expands the list of html tags we allow in markdown. To get this list, I've copied the list of tags from `markdownDocumentRenderer` into `dom` after reviewing them
For #134514, I've also added `video` to the list of allowed tags
This makes `addDisposableListener` use an abortcontroller to unregister the listener. This lets us avoid having to null out references to the handler and the node
This rewrites code such as:
```ts
if (thing) {
thing.method();
}
```
To the more concise:
```ts
thing?.method();
```
This was done using a simple find replace. I tried to keep the change pretty conservative so it only touches simple cases like above
* Fixes#149256: Avoid using CSS variables for background images because they aren't fetched through the service worker in Safari
* Fix compilation errors
* Fix position of webviews and notebooks when the grid scrolls
Fixes#116946
Makes sure that absolutely positioned webviews and notebooks are correctly moved when the editor widget is scrolled
It also adds a clipping rect to make sure the elements do not overflow outside of the editor area (this would cause the webview/notebook to draw over the sidebar in some cases)
* Fix test service
Fixes#144897
Refactors to have a single `hookDomPurifyHrefAndSrcSanitizer` function that handles sanitizing the href and src attributes. Also updates this function to allow fragment links `#` and data images
* Replace the isStandalone const with a method of the same name
* Adding the matchMediaChangeListener into browser.ts so it can be used there
* Fix formatting
* Use browser.ts for all usages of addMatchMediaChangeListener
Co-authored-by: Anthony Stewart <anthonystewart@google.com>
This change was initially done only in the editor for microsoft/monaco-editor#2339, but after a discussion we have agreed to bring it to all users of `FocusTracker`.
Co-authored-by: Johannes Rieken <johannes.rieken@gmail.com>
* Switch to dompurify for sanitizing markdown content
Switches us from using `insane` to instead use `dompurify`, which seems to be better maintained and also has some nice features, such as built-in trusted types support
I've tried to port over our existing sanitizer settings as best as possible, but there's not always a 1:1 mapping between how insane works and how dompurify does. I'd like to get this change in early in the iteration to catch potential regressions
* Remove logging and renaming param
* Move dompurify to browser layer
* Fixing tests and how we check valid attributes
* Allow innerhtml in specific files
* Use isEqualNode instead of checking innerHTML directly
innerHTML can return different results on different browsers. Use `isEqualNode` instead
* Reapply fix for trusted types
* Enable ALLOW_UNKNOWN_PROTOCOLS
I beleive this is required since we allow links to commands and loading images over remote
* in -> of
* Fix check of protocol
* Enable two more safe tags
