Class: PotMarkdown::Filters::SanitizeHTMLFilter

Inherits:

HTML::Pipeline::Filter

• Object
• HTML::Pipeline::Filter
• PotMarkdown::Filters::SanitizeHTMLFilter

Defined in:

lib/pot_markdown/filters/sanitize_html_filter.rb

Constant Summary

RULE =

{
  elements: %w(
    a
    b
    blockquote
    br
    code
    dd
    del
    details
    div
    dl
    dt
    em
    h1
    h2
    h3
    h4
    h5
    h6
    hr
    i
    img
    input
    ins
    kbd
    li
    ol
    p
    pre
    q
    rp
    rt
    ruby
    s
    samp
    span
    strike
    strong
    sub
    summary
    sup
    table
    tbody
    td
    tfoot
    th
    thead
    tr
    tt
    ul
    var
  ),
  attributes: {
    all: %w(
      abbr
      align
      alt
      border
      cellpadding
      cellspacing
      cite
      class
      color
      cols
      colspan
      datetime
      height
      hreflang
      itemprop
      lang
      name
      rowspan
      style
      tabindex
      target
      title
      width
    ) + [:data],
    'a' => %w(
      href
    ),
    'div' => %w(
      itemscope
      itemtype
    ),
    'iframe' => %w(
      allowfullscreen
      frameborder
      src
      scrolling
    ),
    'img' => %w(
      src
    ),
    'input' => %w(
      checked
      disabled
      type
    ),
    'script' => %w(
      src
    )
  },
  css: {
    properties: %w(
      border
      color
      height
      text-align
      width
    )
  },
  protocols: {
    'a' => {
      'href' => ['http', 'https', :relative]
    },
    'img' => {
      'src' => ['http', 'https', :relative]
    }
  },
  transformers: [
    SanitizeTransformers::ListTransformer,
    SanitizeTransformers::TableTransformer
  ]
}.freeze

RULE_EXT =

RULE.dup.tap do |rule|
  rule[:elements] += %w(script iframe)
end

Instance Method Summary

• #call ⇒ Object

Instance Method Details

#call ⇒ Object

# File 'lib/pot_markdown/filters/sanitize_html_filter.rb', line 10

def call
  Sanitize.clean_node!(doc, rule)
end