sanitize: disallow width and height attributes for images

include/functions.php

@@ -1587,6 +1587,9 @@
 			if ($entry->nodeName == 'img') {
 				$entry->setAttribute('referrerpolicy', 'no-referrer');
 
+				$entry->removeAttribute('width');
+				$entry->removeAttribute('height');
+
 				if ($entry->hasAttribute('src')) {
 					$is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';