Hello,
I have the following policy:
/**
* Allow media elements/attributes.
*/
public static final PolicyFactory MEDIA = new HtmlPolicyBuilder().allowElements("video", "audio", "source")
.allowAttributes("controls", "width", "height").onElements("video").allowAttributes("controls")
.onElements("audio").allowAttributes("src", "type").onElements("source").allowTextIn("video", "audio")
.toFactory();
and the HTML content I want to sanitize (all whitelisted content) is:
<p><video controls="controls" width="300" height="150">
<source src="media/video/small.webm" type="video/webm" />
<source src="media/video/small.mp4" type="video/mp4" />
<source src="media/video/small.ogv" type="video/ogg" />
<source src="media/video/small.3gp" type="video/3gp" />
Your browser does not support the video tag.</video></p>
But it seems character content within the video-element is never permitted (contents-member field is 0, probably it should be != 0?). Should be valid to have an alternative text I guess.
kind regards
Johannes