MojoMojo::Formatter::Defang - Scrub user HTML and XSS

MojoMojo documentation  | view source Contained in the MojoMojo distribution.

Index

NAME

Top

MojoMojo::Formatter::Defang - Scrub user HTML and XSS

DESCRIPTION

Top

This formatter makes sure only a safe range of tags are allowed, using MojoMojo::Defang; It also tries to remove XSS attempts.

METHODS

Top

format_content_order

Format order can be 1-99. The Defang formatter runs on 16, just after the main formatter, in order to catch direct user input. Defang trusts the main formatter and all subsequently ran plugins to not output unsafe HTML.

defang_tags_callback

Callback for custom handling specific HTML tags

defang_url_callback

Callback for custom handling URLs in HTML attributes as well as styletag/attribute declarations

defang_css_callback

Callback for custom handling style tags/attributes.

defang_attribs_callback

Callback for custom handling HTML tag attributes.

format_content

Calls the formatter. Takes a ref to the content as well as the context object.

SEE ALSO

Top

MojoMojo, Module::Pluggable::Ordered, MojoMojo::Defang

AUTHORS

Top

Marcus Ramberg <mramberg@cpan.org>

LICENSE

Top

This library is free software. You can redistribute it and/or modify it under the same terms as Perl itself.

MojoMojo documentation  | view source Contained in the MojoMojo distribution.