html_sanitize_ex v1.4.2

HtmlSanitizeEx.Scrubber.NoScrub (html_sanitize_ex v1.4.2) View Source

Scrubs neither tags, nor their attributes.

This meant for testing purposes and as a template for your own scrubber.

Link to this section Summary

Functions

before_scrub(html)

Can be used to preprocess the given +html+ String before it is scrubbed.

scrub(text)

Scrubs a single tag given its attributes and children.

scrub_attribute(tag, attribute)

Scrubs a single attribute for a given tag.

Link to this section Functions

Link to this function

before_scrub(html)

View Source

Can be used to preprocess the given +html+ String before it is scrubbed.

Link to this function

scrub(text)

View Source

Scrubs a single tag given its attributes and children.

Calls scrub_attribute/2 to scrub individual attributes.

Link to this function

scrub_attribute(tag, attribute)

View Source

Scrubs a single attribute for a given tag.

You can utilize scrub_attribute to write custom matchers so you can sanitize specific attributes of specific tags:

As an example, if you only want to allow href attribute with the "http" and "https" protocols, you could implement it like this:

def scrub_attribute("a", {"href", "http" <> target}) do
  {"href", "http" <> target}
end

def scrub_attribute("a", {"href", _}) do
  nil
end