Copyright © 2009-2021 Marc Worrell
Authors: Marc Worrell (marc@worrell.nl).
maybe_binary() = undefined | binary()
maybe_iodata() = undefined | iodata()
maybe_text() = undefined | text()
maybe_unsafe_text() = undefined | unsafe_text()
sanitize_option() = {elt_extra, [binary()]} | {attr_extra, [binary()]} | {element, function()}
sanitize_options() = [sanitize_option()]
text() = iodata() | {trans, [{atom(), binary()}]}
unsafe_text() = iodata() | {trans, [{atom(), iodata()}]} | {trans, [{binary(), iodata()}]} | {trans, map()}
abs_links/2 | Make all links (href/src) in the html absolute to the base URL This takes a shortcut by checking all ' (src|href)=".."'. |
br2nl/1 | Translate any html br entities to newlines. |
ensure_escaped_amp/1 | Ensure that & -characters are properly escaped inside a html string. |
escape/1 | Escape a string so that it is valid within HTML/ XML. |
escape_check/1 | Ensure that a string is escaped so that it is valid within HTML/ XML. |
escape_html_comment/2 | Escape smaller-than, greater-than (for in comments). |
escape_html_text/2 | Escape smaller-than, greater-than, single and double quotes in texts (& is already removed or escaped). |
escape_link/1 | Escape a text. |
escape_props/1 | Escape all properties used for an update statement. |
escape_props/2 | |
escape_props_check/1 | Checks if all properties are properly escaped. |
escape_props_check/2 | |
flatten_attr/1 | Flatten an attribute, attributes have been whitelisted and the values have been sanitized. |
nl2br/1 | Translate any newlines to html br entities. |
noscript/1 | Filter a url, remove any "javascript:" and "data:" (as data can be text/html). |
noscript/2 | Filter an url, if strict then also remove "data:" (as data can be text/html). |
sanitize/1 | Sanitize a (X)HTML string. |
sanitize/2 | |
sanitize/4 | Sanitize a mochiwebparse tree. |
sanitize_attr_value/2 | |
sanitize_uri/1 | Ensure that an uri is (quite) harmless by removing any script reference. |
scrape_link_elements/1 | Given a HTML list, scrape all <link> elements and return their attributes. |
strip/1 | Strip all html elements from the text. |
truncate/2 | Truncate a previously sanitized HTML string. |
truncate/3 | |
unescape/1 | Unescape - reverses the effect of escape. |
abs_links(Html::maybe_iodata(), Base::binary()) -> iodata()
Make all links (href/src) in the html absolute to the base URL This takes a shortcut by checking all ' (src|href)=".."'
br2nl(B::maybe_text()) -> maybe_text()
Translate any html br entities to newlines.
ensure_escaped_amp(B::maybe_binary()) -> binary()
Ensure that &
-characters are properly escaped inside a html string.
escape(L::maybe_unsafe_text()) -> maybe_text()
Escape a string so that it is valid within HTML/ XML.
escape_check(L::maybe_unsafe_text()) -> maybe_text()
Ensure that a string is escaped so that it is valid within HTML/ XML.
escape_html_comment(X1, Acc) -> any()
Escape smaller-than, greater-than (for in comments)
escape_html_text(X1, Acc) -> any()
Escape smaller-than, greater-than, single and double quotes in texts (& is already removed or escaped).
escape_link(Text::maybe_iodata()) -> maybe_binary()
Escape a text. Expands any urls to links with a nofollow attribute.
escape_props(Props::list() | map()) -> list() | map()
Escape all properties used for an update statement. Only leaves the body property intact.
escape_props(Props::list() | map(), Options::list()) -> list() | map()
escape_props_check(Props::list() | map()) -> list() | map()
Checks if all properties are properly escaped
escape_props_check(Props::list() | map(), Options::list()) -> list() | map()
flatten_attr(X1) -> any()
Flatten an attribute, attributes have been whitelisted and the values have been sanitized.
nl2br(B::maybe_text()) -> maybe_text()
Translate any newlines to html br entities.
noscript(Url) -> any()
Filter a url, remove any "javascript:" and "data:" (as data can be text/html).
noscript(Url0::list() | binary(), IsStrict::boolean()) -> binary()
Filter an url, if strict then also remove "data:" (as data can be text/html).
sanitize(Html::maybe_text()) -> maybe_text()
Sanitize a (X)HTML string. Remove elements and attributes that might be harmful.
sanitize(Html::maybe_text(), Options::sanitize_options()) -> maybe_text()
sanitize(ParseTree::z_html_parse:html_element(), ExtraElts::binary() | list(), ExtraAttrs::binary() | list(), Options::any()) -> z_html_parse:html_element()
Sanitize a mochiwebparse tree. Remove harmful elements and attributes.
sanitize_attr_value(Attr, V) -> any()
sanitize_uri(Uri::maybe_iodata()) -> maybe_binary()
Ensure that an uri is (quite) harmless by removing any script reference
scrape_link_elements(Html::iodata()) -> [[z_html_parse:html_attr()]]
Given a HTML list, scrape all <link>
elements and return their attributes. Attribute names are lowercased.
strip(Html::maybe_text()) -> maybe_text()
Strip all html elements from the text. Simple parsing is applied to find the elements. Does not escape the end result.
truncate(Html::maybe_text(), Length::integer()) -> maybe_text()
Truncate a previously sanitized HTML string.
truncate(Html::maybe_text(), Length::integer(), Append::iodata()) -> maybe_text()
unescape(L::maybe_text()) -> maybe_text()
Unescape - reverses the effect of escape.
Generated by EDoc