在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:rrrene/html_sanitize_ex开源软件地址:https://github.com/rrrene/html_sanitize_ex开源编程语言:Elixir 99.4%开源软件介绍:HtmlSanitizeEx
It is the first Hex package to come out of the elixirstatus.com project, where it will be used to sanitize user announcements from the Elixir community. What can it do?
NOTE: The one thing missing at this moment is support for styles. To add this, we have to implement a Scrubber for CSS, to prevent nasty CSS hacks using Otherwise InstallationAdd html_sanitize_ex as a dependency in your defp deps do
[{:html_sanitize_ex, "~> 1.4"}]
end After adding you are done, run The only dependency of UsageDepending on the scrubber you select, it can strip all tags from the given string:
Or allow certain basic HTML elements to remain:
There are built-in scrubbers that cover common use cases, but you can also easily define custom scrubbers (see the next section). The following default scrubbing options exist:
There is also one scrubber primarily used for testing:
Before using a built-in scrubber, you should verify that it functions in the way you expect. The built-in scrubbers are located in /lib/html_sanitize_ex/scrubber Custom ScrubbersA custom scrubber has the advantage of allowing you to support only the minimum functionality needed for your use case. With a custom scrubber, you define which tags, attributes, and uri schemes (e.g.
There are also utility functions to remove CDATA sections and comments which you will generally include. Here is an example of a custom scrubber which allows only Note that the scrubber should include defmodule MyProject.MyScrubber do
require HtmlSanitizeEx.Scrubber.Meta
alias HtmlSanitizeEx.Scrubber.Meta
Meta.remove_cdata_sections_before_scrub()
Meta.strip_comments()
Meta.allow_tag_with_these_attributes("p", [])
Meta.allow_tag_with_these_attributes("h1", [])
Meta.allow_tag_with_uri_attributes("a", ["href"], ["https", "mailto"])
Meta.strip_everything_not_covered()
end Then, you can use the scrubber in your project by giving it as the second
argument to defmodule MyProject.MyModule do
alias HtmlSanitizeEx.Scrubber
alias MyProject.MyScrubber
def sanitize_html(html) do
Scrubber.scrub(html, MyScrubber)
end
end A great way to make a custom scrubber is to use one the of built-in scrubbers closest to your use case as a template. The built in scrubbers are located in /lib/html_sanitize_ex/scrubber Contributing
AuthorRené Föhring (@rrrene) Licensehtml_sanitize_ex is released under the MIT License. See the LICENSE file for further details. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论