xss-sanitize-0.3.4.1: sanitize untrusted HTML to prevent XSS attacks

Safe Haskell: None

Text.HTML.SanitizeXSS

Description

Sanitize HTML to prevent XSS attacks.

See README.md http://github.com/gregwebs/haskell-xss-sanitize for more details.

Sanitize

sanitize :: Text -> Text

Sanitize HTML to prevent XSS attacks. This is equivalent to filterTags safeTags.

sanitizeBalance :: Text -> Text

Sanitize HTML to prevent XSS attacks and also make sure the tags are balanced. This is equivalent to filterTags (balanceTags . safeTags).

sanitizeXSS :: Text -> Text

Alias of the sanitize function.

Custom filtering

filterTags :: ([Tag Text] -> [Tag Text]) -> Text -> Text

Parse the given text to a list of tags, apply the given filtering function, and render back to HTML. You can insert your own custom filtering but make sure you compose your filtering function with safeTags!

safeTags :: [Tag Text] -> [Tag Text]

Filters out any unsafe tags and attributes. Use with filterTags to create a custom filter.

balanceTags :: [Tag Text] -> [Tag Text]

Filter which makes sure the tags are balanced. Use with filterTags and safeTags to create a custom filter.
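
An added example, not part of the package's own documentation, of composing a custom filter with safeTags as the filterTags description requires. commentPolicy, sanitizeComment and the sample inputs are hypothetical; the Tag type comes from the tagsoup package, which this example assumes is available alongside xss-sanitize.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import           Data.Text             (Text)
import qualified Data.Text             as T
import qualified Data.Text.IO          as TIO
import           Text.HTML.SanitizeXSS (balanceTags, filterTags, safeTags)
import           Text.HTML.TagSoup     (Tag (..))

-- Hypothetical policy for user comments: no embedded images, and every
-- link carries a fixed rel="nofollow noopener".
commentPolicy :: [Tag Text] -> [Tag Text]
commentPolicy = map hardenLink . filter (not . isImage)
  where
    -- Compare case-insensitively so the policy does not depend on how the
    -- parser normalises tag names.
    named n t = T.toLower t == n

    isImage (TagOpen t _) = named "img" t
    isImage (TagClose t)  = named "img" t
    isImage _             = False

    -- Replace any user-supplied rel value with the fixed one.
    hardenLink (TagOpen t attrs)
      | named "a" t =
          TagOpen t (("rel", "nofollow noopener")
                       : filter (not . named "rel" . fst) attrs)
    hardenLink tag = tag

-- safeTags runs first, mirroring how sanitizeBalance composes
-- balanceTags . safeTags. commentPolicy only removes tags or sets a
-- constant attribute, so it cannot reintroduce anything safeTags removed.
sanitizeComment :: Text -> Text
sanitizeComment = filterTags (balanceTags . commentPolicy . safeTags)

-- Constructed sample inputs for illustration only.
samples :: [Text]
samples =
  [ "<p>Hello <a href=\"https://example.com\" onclick=\"alert(1)\">link</a>"
  , "<img src=\"x\" onerror=\"alert(1)\"><b>bold</b>"
  , "<a rel=\"opener\" href=\"https://example.com\">next</a><script>x()</script>"
  ]

main :: IO ()
main = mapM_ (TIO.putStrLn . sanitizeComment) samples
```

A custom filter that adds tags or attributes derived from user input should instead run before safeTags, so that whatever it produces is still checked.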

Utilities

sanitizeAttribute :: (Text, Text) -> Maybe (Text, Text)

Low-level API for use if you have your own HTML parser. Used by safeTags.