[HtmlSanitizer] Allow href attributes in links by default

### Symfony version(s) affected

6.1

### Description

Originally reported by @Stoakes in https://github.com/symfony/symfony-docs/pull/17446

@tgalopin suggested that this might be a bug in code instead of a doc issue.

### How to reproduce

The following config:

```yaml
html_sanitizer:
    sanitizers:
        app.sanitizer:
            allow_safe_elements: true
            allow_elements:
                list: '*'
                table: 'class'
                code: '*'
                a: ['href']
            allowed_media_schemes: ['http', 'https', 'mailto']
            allow_relative_medias: false
```

Results in the removal of all `href` attributes from all `<a>` elements. To fix this issue, you must also add the following to the previous config: `allowed_link_schemes: ['http', 'https', 'mailto']`

The original config should work without having to add the `allowed_link_schemes` config.

### Possible Solution

_No response_

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[HtmlSanitizer] Allow href attributes in links by default #48556

Symfony version(s) affected

Description

How to reproduce

Possible Solution

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[HtmlSanitizer] Allow href attributes in links by default #48556

Description

Symfony version(s) affected

Description

How to reproduce

Possible Solution

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions