Class: Autolinker::HTML::Sanitizer
- Inherits:
-
Object
- Object
- Autolinker::HTML::Sanitizer
- Defined in:
- lib/autolinker/html/sanitizer.rb
Instance Attribute Summary collapse
-
#allowed_attributes ⇒ Object
Returns the value of attribute allowed_attributes.
-
#allowed_css_keywords ⇒ Object
Returns the value of attribute allowed_css_keywords.
-
#allowed_css_properties ⇒ Object
Returns the value of attribute allowed_css_properties.
-
#allowed_protocols ⇒ Object
Returns the value of attribute allowed_protocols.
-
#allowed_tags ⇒ Object
Returns the value of attribute allowed_tags.
-
#bad_tags ⇒ Object
Returns the value of attribute bad_tags.
-
#protocol_separator ⇒ Object
Returns the value of attribute protocol_separator.
-
#shorthand_css_properties ⇒ Object
Returns the value of attribute shorthand_css_properties.
-
#uri_attributes ⇒ Object
Returns the value of attribute uri_attributes.
Instance Method Summary collapse
-
#initialize ⇒ Sanitizer
constructor
A new instance of Sanitizer.
- #sanitize(text, options = {}) ⇒ Object
- #sanitizeable?(text) ⇒ Boolean
Constructor Details
#initialize ⇒ Sanitizer
Returns a new instance of Sanitizer.
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'lib/autolinker/html/sanitizer.rb', line 10 def initialize # A regular expression of the valid characters used to separate protocols like # the ':' in 'http://foo.com' @protocol_separator = /:|(�*58)|(p)|(�*3a)|(%|%)3A/i # Specifies a Set of HTML attributes that can have URIs. @uri_attributes = Set.new(%w(href src cite action longdesc xlink:href lowsrc)) # Specifies a Set of 'bad' tags that the #sanitize helper will remove completely, as opposed # to just escaping harmless tags like <font> @bad_tags = Set.new(%w(script)) # Specifies the default Set of tags that the #sanitize helper will allow unscathed. @allowed_tags = Set.new(%w(strong em b i p code pre tt samp kbd var sub sup dfn cite big small address hr br div span h1 h2 h3 h4 h5 h6 ul ol li dl dt dd abbr acronym a img blockquote del ins)) # Specifies the default Set of html attributes that the #sanitize helper will leave # in the allowed tag. @allowed_attributes = Set.new(%w(href src width height alt cite datetime title class name xml:lang abbr)) # Specifies the default Set of acceptable css properties that #sanitize and #sanitize_css will accept. @allowed_protocols = Set.new(%w(ed2k ftp http https irc mailto news gopher nntp telnet webcal xmpp callto feed svn urn aim rsync tag ssh sftp rtsp afs)) # Specifies the default Set of acceptable css keywords that #sanitize and #sanitize_css will accept. @allowed_css_properties = Set.new(%w(azimuth background-color border-bottom-color border-collapse border-color border-left-color border-right-color border-top-color clear color cursor direction display elevation float font font-family font-size font-style font-variant font-weight height letter-spacing line-height overflow pause pause-after pause-before pitch pitch-range richness speak speak-header speak-numeral speak-punctuation speech-rate stress text-align text-decoration text-indent unicode-bidi vertical-align voice-family volume white-space width)) # Specifies the default Set of acceptable css keywords that #sanitize and #sanitize_css will accept. @allowed_css_keywords = Set.new(%w(auto aqua black block blue bold both bottom brown center collapse dashed dotted fuchsia gray green !important italic left lime maroon medium none navy normal nowrap olive pointer purple red right solid silver teal top transparent underline white yellow)) # Specifies the default Set of allowed shorthand css properties for the #sanitize and #sanitize_css helpers. @shorthand_css_properties = Set.new(%w(background border margin padding)) end |
Instance Attribute Details
#allowed_attributes ⇒ Object
Returns the value of attribute allowed_attributes.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def allowed_attributes @allowed_attributes end |
#allowed_css_keywords ⇒ Object
Returns the value of attribute allowed_css_keywords.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def allowed_css_keywords @allowed_css_keywords end |
#allowed_css_properties ⇒ Object
Returns the value of attribute allowed_css_properties.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def allowed_css_properties @allowed_css_properties end |
#allowed_protocols ⇒ Object
Returns the value of attribute allowed_protocols.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def allowed_protocols @allowed_protocols end |
#allowed_tags ⇒ Object
Returns the value of attribute allowed_tags.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def @allowed_tags end |
#bad_tags ⇒ Object
Returns the value of attribute bad_tags.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def @bad_tags end |
#protocol_separator ⇒ Object
Returns the value of attribute protocol_separator.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def protocol_separator @protocol_separator end |
#shorthand_css_properties ⇒ Object
Returns the value of attribute shorthand_css_properties.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def shorthand_css_properties @shorthand_css_properties end |
#uri_attributes ⇒ Object
Returns the value of attribute uri_attributes.
7 8 9 |
# File 'lib/autolinker/html/sanitizer.rb', line 7 def uri_attributes @uri_attributes end |
Instance Method Details
#sanitize(text, options = {}) ⇒ Object
52 53 54 55 |
# File 'lib/autolinker/html/sanitizer.rb', line 52 def sanitize(text, = {}) return text unless sanitizeable?(text) tokenize(text, ).join end |
#sanitizeable?(text) ⇒ Boolean
57 58 59 |
# File 'lib/autolinker/html/sanitizer.rb', line 57 def sanitizeable?(text) !(text.nil? || text.empty? || !text.index("<")) end |