| Safe Haskell | None |
|---|---|
Text.HTML.SanitizeXSS
Description
Sanitize HTML to prevent XSS attacks.
See README.md http://github.com/gregwebs/haskell-xss-sanitize for more details.
Sanitize
sanitize :: Text -> Text
Sanitize HTML to prevent XSS attacks. This is equivalent to filterTags safeTags.
sanitizeBalance :: Text -> Text
Sanitize HTML to prevent XSS attacks and also make sure the tags are balanced.
This is equivalent to filterTags (balanceTags . safeTags).
sanitizeXSS :: Text -> Text
Alias of the sanitize function.
Custom filtering
filterTags :: ([Tag Text] -> [Tag Text]) -> Text -> Text
Parse the given text to a list of tags, apply the given filtering function, and render back to HTML.
You can insert your own custom filtering but make sure you compose your filtering function with safeTags!
safeTags :: [Tag Text] -> [Tag Text]
Filters out any unsafe tags and attributes. Use with filterTags to create a custom filter.
balanceTags :: [Tag Text] -> [Tag Text]
Filter which makes sure the tags are balanced. Use with filterTags and safeTags to create a custom filter.
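The following is an added example, not code from the package or its README, showing one way to compose custom filtering steps with safeTags and balanceTags through filterTags. The policy (no images, every link marked nofollow), the names dropImages, forceNoFollow and sanitizeComment, and the sample input are all assumptions made for illustration.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import           Data.Text (Text)
import qualified Data.Text as T
import qualified Data.Text.IO as TIO
import           Text.HTML.SanitizeXSS (balanceTags, filterTags, safeTags)
import           Text.HTML.TagSoup (Tag (..))

-- Hypothetical policy step: remove <img> tags entirely.
-- A step that only deletes tags cannot reintroduce unsafe markup.
dropImages :: [Tag Text] -> [Tag Text]
dropImages = filter (not . isImg)
  where
    isImg (TagOpen name _) = T.toLower name == "img"
    isImg (TagClose name)  = T.toLower name == "img"
    isImg _                = False

-- Hypothetical policy step: force rel="nofollow" on every link.
-- This runs after safeTags, so what it adds is not re-checked:
-- only fixed constants are inserted, never values taken from the input.
forceNoFollow :: [Tag Text] -> [Tag Text]
forceNoFollow = map go
  where
    go (TagOpen name attrs)
      | T.toLower name == "a" =
          TagOpen name (("rel", "nofollow") : filter ((/= "rel") . fst) attrs)
    go t = t

-- safeTags runs first (rightmost), then the custom steps, then balanceTags,
-- following the same pattern as sanitizeBalance = filterTags (balanceTags . safeTags).
sanitizeComment :: Text -> Text
sanitizeComment =
  filterTags (balanceTags . forceNoFollow . dropImages . safeTags)

-- Constructed sample input: an event-handler attribute, an image,
-- a script element and an unclosed <p>.
sample :: Text
sample = T.concat
  [ "<p>hi <a href=\"http://example.com/\" onclick=\"x()\">link</a>"
  , "<img src=\"a.png\"><script>alert(1)</script>"
  ]

main :: IO ()
main = TIO.putStrLn (sanitizeComment sample)
```

If a custom step copies or rewrites attribute values from the input, place it before safeTags in the composition so that its output still passes through the whitelist.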
Utilities
sanitizeAttribute :: (Text, Text) -> Maybe (Text, Text)
Low-level API if you have your own HTML parser. Used by safeTags.
sanitaryURI :: Text -> Bool
Returns True if the specified URI is not a potential security risk.