Content: Updated filters to allow some required attributes

- Allows target attribute on links.
- Allows custom mention attribute on links.

Adds test case to cover these.
For #6034

app/Util/ConfiguredHtmlPurifier.php

@@ -71,6 +71,8 @@ class ConfiguredHtmlPurifier
         $config->set('Core.AllowHostnameUnderscore', true);
         $config->set('CSS.AllowTricky', true);
         $config->set('HTML.SafeIframe', true);
+        $config->set('HTML.TargetNoopener', false);
+        $config->set('HTML.TargetNoreferrer', false);
         $config->set('Attr.EnableID', true);
         $config->set('Attr.ID.HTML5', true);
         $config->set('Output.FixInnerHTML', false);
@@ -141,6 +143,12 @@ class ConfiguredHtmlPurifier
             'drawio-diagram',
             'Number',
         );
+
+        // Allow target="_blank" on links
+        $definition->addAttribute('a', 'target', 'Enum#_blank');
+
+        // Allow mention-ids on links
+        $definition->addAttribute('a', 'data-mention-user-id', 'Number');
     }
 
     public function purify(string $html): string

tests/Entity/PageContentFilteringTest.php

@@ -478,4 +478,25 @@ HTML;
             $resp->assertSee($expected, false);
         }
     }
+
+    public function test_allow_list_does_not_filter_cases()
+    {
+        $testCasesExpectedByInput = [
+            '<p><a href="https://example.com" target="_blank">New tab linkydoodle</a></p>',
+            '<p><a href="https://example.com/user/1" data-mention-user-id="5">@mentionusertext</a></p>',
+            '<details><summary>Hello</summary><p>Mydetailshere</p></details>',
+        ];
+
+        config()->set('app.content_filtering', 'a');
+        $page = $this->entities->page();
+        $this->asEditor();
+
+        foreach ($testCasesExpectedByInput as $input) {
+            $page->html = $input;
+            $page->save();
+            $resp = $this->get($page->getUrl());
+
+            $resp->assertSee($input, false);
+        }
+    }
 }