sanitize_html: append rel attributes instead of overriding (#223)

Author: isoos

sanitize_html/CHANGELOG.md

@@ -1,6 +1,7 @@
-## v2.0.0-dev
+## v2.1.0
  * Remove custom HTML rendering logic in favor of logic from `package:html`.
  * Added `topics` to `pubspec.yaml`.
+ * `rel` attributes added through `addLinkRel` are appended to existing ones.
 
 ## v2.0.0
  * Migrate to null safety.

sanitize_html/lib/src/sane_html_validator.dart

@@ -249,7 +249,12 @@ class SaneHtmlValidator {
         if (href != null && addLinkRel != null) {
           final rels = addLinkRel!(href);
           if (rels != null && rels.isNotEmpty) {
-            node.attributes['rel'] = rels.join(' ');
+            final currentRel = node.attributes['rel'] ?? '';
+            final allRels = <String>{
+              ...currentRel.split(' ').where((e) => e.isNotEmpty),
+              ...rels,
+            };
+            node.attributes['rel'] = allRels.join(' ');
           }
         }
       }

sanitize_html/pubspec.yaml

@@ -1,5 +1,5 @@
 name: sanitize_html
-version: 2.0.0-dev
+version: 2.1.0
 description: >-
   Function for sanitizing HTML to prevent XSS by restrict elements and
   attributes to a safe subset of allowed values.
@@ -14,7 +14,7 @@ dependencies:
   meta: ^1.1.7
 dev_dependencies:
   test: ^1.5.1
-  lints: ^1.0.0
-  markdown: ^4.0.0
+  lints: ^2.0.0
+  markdown: ^7.1.1
 environment:
-  sdk: '>=2.12.0 <3.0.0'
+  sdk: '>=2.12.0 <4.0.0'