feat(sanitizer): add support for fetchpriority and decoding attributes in img tags

2025-07-22 17:18:37 +00:00 · 2025-06-09 20:07:33 -07:00 · 2025-06-09 20:07:33 -07:00 · 21d22d7f0b
commit 21d22d7f0b
parent d59990f1dd
2 changed files with 117 additions and 1 deletions
--- a/internal/reader/sanitizer/sanitizer.go
+++ b/internal/reader/sanitizer/sanitizer.go
@ -46,7 +46,7 @@ var (
 		"h6":         {"id"},
 		"hr":         {},
 		"iframe":     {"width", "height", "frameborder", "src", "allowfullscreen"},
-		"img":        {"alt", "title", "src", "srcset", "sizes", "width", "height"},
+		"img":        {"alt", "title", "src", "srcset", "sizes", "width", "height", "fetchpriority", "decoding"},
 		"ins":        {},
 		"kbd":        {},
 		"li":         {"id"},
@ -234,6 +234,18 @@ func sanitizeAttributes(baseURL, tagName string, attributes []html.Attribute, sa
 			continue
 		}

+		if tagName == "img" && attribute.Key == "fetchpriority" {
+			if !isValidFetchPriorityValue(value) {
+				continue
+			}
+		}
+
+		if tagName == "img" && attribute.Key == "decoding" {
+			if !isValidDecodingValue(value) {
+				continue
+			}
+		}
+
 		if (tagName == "img" || tagName == "source") && attribute.Key == "srcset" {
 			value = sanitizeSrcsetAttr(baseURL, value)
 		}
@ -540,3 +552,13 @@ func getIntegerAttributeValue(name string, attributes []html.Attribute) int {
 	}
 	return 0
 }
+
+func isValidFetchPriorityValue(value string) bool {
+	allowedValues := []string{"high", "low", "auto"}
+	return slices.Contains(allowedValues, value)
+}
+
+func isValidDecodingValue(value string) bool {
+	allowedValues := []string{"sync", "async", "auto"}
+	return slices.Contains(allowedValues, value)
+}