Strip out inline styles via API

[strandoo]

Hi all. I've built a module to create and update pages from an XML feed. It work nicely, except I'm having a problem with imported inline css styles. My Body field gets populated by a field in the XML that usually contains a load of inline CSS styles (like "<span style="font-style:normal;font-weight:normal;background-color:transparent;text-decoration:none;">). I've tried using $sanitize->purify() but that doesn't seem to do anything. Am I using it incorrectly? Is there another method to clean up this cruft from the HTML? Ideally, I'd just be left with <p>, <strong>, <b>, etc.

All of the other fields sanitize correctly. Any ideas what I'm doing wrong?

[kongondo]

1 hour ago, strandoo said:

Any ideas what I'm doing wrong?

I don't think you are doing anything wrong. I don't think we have a sanitizer for inline CSS. Regex maybe?

https://stackoverflow.com/questions/2488950/removing-inline-styles-using-php

https://www.sitepoint.com/community/t/remove-inline-style-with-preg-replace/21743

https://wordpress.stackexchange.com/questions/91949/removing-any-and-all-inline-styles-from-the-content

https://www.php.net/manual/en/function.strip-tags.php#99643

Edited July 18, 2020 by kongondo
Added examples

[strandoo]

Thanks, @kongondo . And thanks for the links, I’ll dig in and see what I find. ?

[Ivan Gretsky]

Hey, @strandoo!

I think the trick is in the $options argument. Try something like this (or dig into the docs).

$sanitizer->purify(
    $page->summary, 
    array(
        'CSS.AllowedProperties' => []
    )
); 

 

[Robin S]

Another possibility:

$clean = $sanitizer->purify($dirty, ['HTML.ForbiddenAttributes' => ['style']]);

 

[strandoo]

Thanks all. I ended up making a simple function that used used preg_replace and str_replace to strip the styles then nuke the empty spans and paragraphs. The imported html was pretty consistent, so it was pretty straightforward. But I like the idea of using $sanitizer, so I'll try both of those options to see how they work.