module Filters
Defined in:
filters.cr

Class Method Summary
- .encode_angles(str : String) : String
  HTML entity encode angle brackets (allows attribute-context bypass)
- .escape_double_quote(str : String) : String
- .escape_quotes(str : String) : String
- .escape_single_quote(str : String) : String
- .strip_angles(str : String) : String
- .strip_event_handlers(str : String) : String
  Strip event handlers (onclick, onerror, etc.)
- .strip_js_protocol(str : String) : String
  Strip javascript: protocol
- .strip_keyword_ci(str : String, keyword : String) : String
  Case-insensitive keyword removal (bypassable via mixed case encoding)
- .strip_keyword_recursive(str : String, keyword : String) : String
  Recursive keyword removal (handles double-insertion like <scr