The feature is made of 2 parts:
By enabling the validation flag "Prevent the use of dangerous HTML attributes", the editors will be prevented from saving a record if potentially dangerous HTML is present in the field;
When the "Remove potentially dangerous attributes" flag is enabled, sanitization will be applied before the validation: field content is potentially subject to changes during the validation phase.
Most of our customers that want to use the feature will probably want to enable both flags. Validation without sanitization is meant for customers who want to apply specific sanitization strategies by developing a custom plugin.
To fix and check the HTML, we used the beautiful sanitize library made by Ryan Grove. Specifically, we went for the relaxed configuration, that allows safe markup, including images and tables, as well as safe CSS. Links are limited to FTP, HTTP, HTTPS, and
mailto protocols, while images are limited to HTTP and HTTPS.
rel="nofollow" is not added to links.
The feature also affects our Content Management API.