What are the HTML sanitation rules that get applied to HTML specified in the "submission[body]" parameter for assignment submissions via the Canvas API? The Canvas API documentation on submitting assignments states:
Note this HTML snippet will be sanitized using the same ruleset as a submission made from the Canvas web UI.
I have successfully submitted assignments containing an HTML body via the Canvas API, but I have not been able to locate the mentioned 'ruleset' to determine what types of HTML (and embedded styling) I'm able to send without it being lost.
Solved! Go to Solution.
I cannot take credit for this, I asked the IRC channel and got this response...
the short version is "we call out to nokogiri to scrub it"
Based on the HTML that I'm submitting and how it appears to be getting sanitized, the whitelist you provided appears to the ruleset that is used. Thank you!