Problem/Motivation
If a site has a custom, non-HTML5 tag (<foo>) which is listed in the "Source editing" plugin settings, and the site is also using the filter "Limit allowed HTML tags and correct faulty HTML", the custom tag should be allowed and not filtered out. Tags in "Source editing" and "Allowed HTML tags" should be exempt being filtered out, should override the filter for faulty HTML. Without this, the only way to allow such a custom tag is to disable the filter, which disables the security protections the filter was created for.
This issue is spun off as a child issue from this issue: "[upstream] Consider allowing styles for non-HTML5 tags (3280124)".
In the discussion of that parent issue two separate concerns were surfaced.
"Allowing styles for non-HTML5 tags"
and
"CKEditor5 retaining non-HTML5 tags that are entered in the Allowed Tags.
This child issue is to track this separate issue of CKEditor5 retaining non-HTML5 tags.
Steps to reproduce
1. Create a text format using CKEditor 5
2. Check the filter "Limit allowed HTML tags and correct faulty HTML"
3. In "Source editing" enter <foo>
4. Note that <foo> is in the "Allowed HTML tags" list, and save
6. Create/edit content using this text filter
7. Click "Source" and add <foo>Some text</foo>
8. Click "Source"
9. Click "Source" again and note that "<foo>" and "</foo>" are not there, have been filtered out
10. In the text format, uncheck "Limit allowed HTML tags and correct faulty HTML" and try again, the foo tags are not filtered out
Proposed resolution
Rewrite the module code to compare the HTML restrictions result with the content of "Allowed HTML tags", and add any valid tags from "Allowed HTML tags" that are missing (the custom tags added by the developer) to the array to be used for filtering.
Remaining tasks
Once this child issue is resolved, please consider allowing non-HTML5 Styles (in the Styles drop-down).