Safe Haskell | None |
---|---|
Language | Haskell98 |
Sanitize HTML to prevent XSS attacks.
See README.md http://github.com/gregwebs/haskell-xss-sanitize for more details.
Sanitize
sanitize :: Text -> Text
Sanitize HTML to prevent XSS attacks. This is equivalent to filterTags safeTags.
sanitizeBalance :: Text -> Text
Sanitize HTML to prevent XSS attacks and also make sure the tags are balanced.
This is equivalent to filterTags (balanceTags . safeTags).
sanitizeXSS :: Text -> Text
Alias of the sanitize function.
Custom filtering
filterTags :: ([Tag Text] -> [Tag Text]) -> Text -> Text
Parse the given text to a list of tags, apply the given filtering function, and render back to HTML.
You can insert your own custom filtering, but make sure you compose your filtering function with safeTags!
safeTags :: [Tag Text] -> [Tag Text]
Filters out any unsafe tags and attributes. Use with filterTags to create a custom filter.
balanceTags :: [Tag Text] -> [Tag Text]
Filter which makes sure the tags are balanced. Use with filterTags and safeTags to create a custom filter.
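An added example (not part of the package or its documentation) of a custom filter composed with safeTags, as the note on filterTags requires. The names isTag, dropImages, forceRel and sanitizeComment and the sample input are hypothetical; the Tag constructors come from the tagsoup package.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import           Data.Text (Text)
import qualified Data.Text as T
import qualified Data.Text.IO as TIO
import           Text.HTML.SanitizeXSS (balanceTags, filterTags, safeTags)
import           Text.HTML.TagSoup (Tag (..))

-- Case-insensitive name comparison, so the filters do not depend on
-- how the parser normalises tag and attribute names.
isTag :: Text -> Text -> Bool
isTag wanted name = T.toLower name == wanted

-- Hypothetical extra policy for user comments: no images at all.
-- This step only removes tags, so it can never widen what safeTags allowed.
dropImages :: [Tag Text] -> [Tag Text]
dropImages = filter (not . isImg)
  where
    isImg (TagOpen name _) = isTag "img" name
    isImg (TagClose name)  = isTag "img" name
    isImg _                = False

-- Hypothetical extra policy: replace any user-supplied rel on links
-- with a fixed value chosen by the application.
forceRel :: [Tag Text] -> [Tag Text]
forceRel = map go
  where
    go (TagOpen name attrs)
      | isTag "a" name =
          TagOpen name (("rel", "nofollow noopener") : filter (not . isRel) attrs)
    go t = t
    isRel (k, _) = T.toLower k == "rel"

-- safeTags is rightmost, so it runs first on the untrusted input; the
-- custom steps only see tags that already passed the whitelist, and the
-- only value they add is a constant. balanceTags runs last on the result.
sanitizeComment :: Text -> Text
sanitizeComment = filterTags (balanceTags . forceRel . dropImages . safeTags)

main :: IO ()
main = TIO.putStrLn (sanitizeComment sample)
  where
    -- Constructed sample input.
    sample = "<p>hi <a href=\"http://example.com/\" rel=\"follow\">link</a>\
             \<img src=\"x.png\"><script>alert(1)</script><b>unclosed"
```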
Utilities
sanitizeAttribute :: (Text, Text) -> Maybe (Text, Text)
Low-level API if you have your own HTML parser. Used by safeTags.
sanitaryURI :: Text -> Bool
Returns True if the specified URI is not a potential security risk.