2007-02-22 08:06:53 +01:00
|
|
|
module Sanitize
|
|
|
|
|
2007-05-26 03:52:27 +02:00
|
|
|
# This module provides sanitization of XHTML+MathML+SVG
|
2007-02-22 08:06:53 +01:00
|
|
|
# and of inline style attributes.
|
|
|
|
#
|
2007-05-26 03:52:27 +02:00
|
|
|
# Uses the HTML5lib parser, so that the parsing behaviour should
|
|
|
|
# resemble that of browsers.
|
|
|
|
#
|
|
|
|
# sanitize_xhtml() is a case-sensitive sanitizer, suitable for XHTML
|
|
|
|
# sanitize_html() is a case-insensitive sanitizer suitable for HTML
|
2007-02-22 08:06:53 +01:00
|
|
|
|
|
|
|
|
2007-05-26 03:52:27 +02:00
|
|
|
require 'html5lib/sanitizer'
|
|
|
|
require 'html5lib/html5parser'
|
|
|
|
require 'html5lib/liberalxmlparser'
|
|
|
|
include HTML5lib
|
2007-02-22 08:06:53 +01:00
|
|
|
|
2007-05-26 03:52:27 +02:00
|
|
|
def sanitize_xhtml(html)
|
|
|
|
XHTMLParser.parseFragment(html, :tokenizer => HTMLSanitizer).to_s
|
|
|
|
end
|
2007-02-22 08:06:53 +01:00
|
|
|
|
2007-05-26 03:52:27 +02:00
|
|
|
def sanitize_html(html)
|
|
|
|
HTMLParser.parseFragment(html, :tokenizer => HTMLSanitizer).to_s
|
|
|
|
end
|
2007-02-22 08:06:53 +01:00
|
|
|
|
2007-05-26 03:52:27 +02:00
|
|
|
end
|