class Sanitize::Policy::Whitelist
- Sanitize::Policy::Whitelist
- Sanitize::Policy
- Reference
- Object
Overview
This is a simple policy based on a tag and attribute whitelist.
This policy accepts only <div>
and <p>
tags with optional title
attributes:
policy = Sanitize::Policy::Whitelist.new({
"div" => Set{"title"},
"p" => Set{"title"},
})
The special *
key applies to all tag names and can be used to allow global
attributes:
This example is equivalent to the above. If more tag names were added, they
would also accept title
attributes.
policy = Sanitize::Policy::Whitelist.new({
"div" => Set(String).new,
"p" => Set(String).new,
"*" => Set{"title"},
})
Attributes are always optional, so this policy won't enforce the presence of an attribute.
If a tag's attribute list is empty, no attributes are allowed for this tag.
Attribute values are not changed by this policy.
Direct Known Subclasses
Defined in:
policy/whitelist.crConstructors
Instance Method Summary
-
#accepted_attributes : Hash(String, Set(String))
Mapping of accepted tag names and attributes.
-
#accepted_attributes=(accepted_attributes : Hash(String, Set(String)))
Mapping of accepted tag names and attributes.
-
#global_attributes : Set(String)
Short cut to
accepted_attributes["*"]
. - #transform_attributes(name : String, attributes : Hash(String, String)) : String | CONTINUE | STOP
-
#transform_tag(name : String, attributes : Hash(String, String)) : String | CONTINUE | STOP
Receives the element name and attributes of an opening tag and returns the transformed element name (usually the same as the input name).
-
#transform_text(text : String) : String | Nil
Receives the content of a text node and returns the transformed content.
Instance methods inherited from class Sanitize::Policy
block_tag?(name)
block_tag?,
block_whitespace : String
block_whitespace,
block_whitespace=(block_whitespace : String)
block_whitespace=,
process(html : String | XML::Node) : String
process,
process_document(html : String | XML::Node) : String
process_document,
transform_tag(name : String, attributes : Hash(String, String)) : String | Processor::CONTINUE | Processor::STOP
transform_tag,
transform_text(text : String) : String | Nil
transform_text
Constructor Detail
Instance Method Detail
Mapping of accepted tag names and attributes.
Receives the element name and attributes of an opening tag and returns the transformed element name (usually the same as the input name).
attributes are transformed directly in place.
Special return values:
Processor::CONTINUE
: Tells the processor to strip the current tag but continue traversing its children.Processor::CONTINUE
: Tells the processor to skip the current tag and its children completely and move to the next sibling.
Receives the content of a text node and returns the transformed content.
If the return value is nil
, the content is skipped.