z_sanitize (zotonic_core v1.0.0-rc.17)
Interface to z_html sanitizers, sets options and adds embed sanitization.
Summary
Functions
Escape a Javascript callback function. Crash if not a safe callback function name.
Ensure that some characters are escaped, URLs copied from the browser can contain UTF-8 characters that need to be percent-encoded befor further processing is possible. Does NOT allow data: URLs.
Ensure that some characters are escaped, URLs copied from the browser can contain UTF-8 characters that need to be percent-encoded befor further processing is possible. Allows data: URLs.
Functions
Escape a Javascript callback function. Crash if not a safe callback function name.
-spec uri(Url) -> EncodedUrl when Url :: binary() | string(), EncodedUrl :: binary(); (undefined) -> undefined.
Ensure that some characters are escaped, URLs copied from the browser can contain UTF-8 characters that need to be percent-encoded befor further processing is possible. Does NOT allow data: URLs.
-spec uri(Url, IsAllowData) -> EncodedUrl when Url :: binary() | string() | undefined, IsAllowData :: boolean(), EncodedUrl :: binary(); (undefined, IsAllowData) -> undefined when IsAllowData :: boolean().
Ensure that some characters are escaped, URLs copied from the browser can contain UTF-8 characters that need to be percent-encoded befor further processing is possible. Allows data: URLs.