On Sun, Jul 19, 2009 at 1:29 AM, Devin Austin <devin.aus...@gmail.com>wrote:
> HTML::StripScripts is nice > > > On Sun, Jul 19, 2009 at 2:15 AM, Zbigniew Lukasiak <zzb...@gmail.com>wrote: > >> Hi, >> >> There seems to be a log list of HTML sanitizers at CPAN and no guide. >> So I quickly made a list at the P5P wiki: >> http://www.perlfoundation.org/perl5/index.cgi?html_sanitazing and I am >> asking here what are your experiences with that subject. >> >> Myself, I sometime ago I've wrote a sanitizer for HTML::FormHandler >> based on HTML::Scrubber - but it seems that there are problems with >> installing it so it never got into the HTML::FormHandler repository. >> I noticed that there is a new HTML sanitizer bundled with Mojo: >> http://search.cpan.org/~mramberg/MojoMojo-0.999030/lib/HTML/Declaw.pm<http://search.cpan.org/%7Emramberg/MojoMojo-0.999030/lib/HTML/Declaw.pm> >> by our own Marcus Ramberg. The POD says it is a modifed version of >> HTML::Defang - but there is no clue as to what was really modified and >> why it is a fork. >> > I've had good luck with HTML::Scrubber, after running through enough unit tests and usability tests. Here's my config that I've found to be "safe" for UCC (yaml format): HTML::Scrubber: allow: - a - b - strong - em - i - img - br - p - span rules: a: href: 1 name: 1 target: !!perl/regexp (?i-xsm:^target$) b: *: 0 img: src: 1 alt: 1 title: 1 *: 0 em: *: 0 br: *: 0 p: *: 0 strong: *: 0 span: *: 0 style: !!perl/regexp '(?si-xism:^(?:color:\s*#[a-fA-F0-9]{6};?|text-decoration:\s*underline;?)$)' __END__ -J
_______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/