MojoMojo::Formatter::Defang(3)
Scrub user HTML and XSS
DESCRIPTION
This formatter makes sure only a safe range of tags are
allowed, using MojoMojo::Defang; It also tries to remove XSS attempts.
METHODS
format_content_order
Format order can be 1-99. The Defang formatter runs on 16, just after the main
formatter, in order to catch direct user input. Defang trusts the main formatter
and all subsequently ran plugins to not output unsafe HTML.
defang_tags_callback
Callback for custom handling specific HTML tags
defang_url_callback
Callback for custom handling URLs in HTML attributes as well as
styletag/attribute declarations
defang_css_callback
Callback for custom handling style tags/attributes.
defang_attribs_callback
Callback for custom handling HTML tag attributes.
format_content
Calls the formatter. Takes a ref to the content as well as the
context object.
LICENSE
This library is free software. You can redistribute it and/or modify
it under the same terms as Perl itself.
