Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I think this is more of a bug than a feature...
Steps to reproduce:
- Set up the OpenGraph Meta module use the first 200 characters of the 'body' field as a default
- Set the Body field to use the 'Full HTML' text input
- Enter some style and/or script tags into the body field
- Note that the summary displays this HTML content in plaintext when shared via facebook
eg:
<style type="text/css">
#someStyleThatShouldBeHidden { somestyle: 10px;}
</style>
<p>Some text that you DO want to appear</p>
I know that entering CSS into the body of the document is not best practice, but sometimes needs to be done.
A proposed solution is to just ignore / strip out anything between <script></script>
and <style></style>
tags and comments <!-- ... -->
.
Alternatively, there could be a configuration option to specify what set of HTML elements to allow through, eg <p><a><i><em><strong>
etc.