NAME
HTML::Detoxifier - practical module to strip harmful HTML
DESCRIPTION
HTML::Detoxifier is a practical module to remove harmful tags from HTML
input. It's intended to be used for web sites that accept user input in
the form of HTML and then present that information in some form.
Unlike other modules, HTML::Detoxifier is intended to be a practical
solution that abstracts away all the specifics of whitelisting certain tags
easily and securely. Tags are divided into functional groups, each of which
can be disallowed or allowed as you wish. Additionally, HTML::Detoxifier
knows how to clean inline CSS; with HTML::Detoxifier, you can securely
allow users to use style sheets without allowing cross-site scripting
vulnerabilities.
INSTALLATION
The standard drill.
perl Makefile.PL
make
make test
make install
DEPENDENCIES
HTML::TokeParser
HTML::Entities
Exporter
COPYRIGHT AND LICENSE
Copyright (c) 2004 Patrick Walton <pwalton@metajournal.net> but freely
redistributable and modifiable under the same terms as Perl itself.