![]() |
![]()
| ![]() |
![]()
NAMEMojoMojo::Formatter::Defang - Scrub user HTML and XSS DESCRIPTIONThis formatter makes sure only a safe range of tags are allowed, using MojoMojo::Defang; It also tries to remove XSS attempts. METHODSformat_content_orderFormat order can be 1-99. The Defang formatter runs on 16, just after the main formatter, in order to catch direct user input. Defang trusts the main formatter and all subsequently ran plugins to not output unsafe HTML. defang_tags_callbackCallback for custom handling specific HTML tags defang_url_callbackCallback for custom handling URLs in HTML attributes as well as styletag/attribute declarations defang_css_callbackCallback for custom handling style tags/attributes. defang_attribs_callbackCallback for custom handling HTML tag attributes. format_contentCalls the formatter. Takes a ref to the content as well as the context object. SEE ALSOMojoMojo, Module::Pluggable::Ordered, MojoMojo::Defang AUTHORSMarcus Ramberg <mramberg@cpan.org> LICENSEThis library is free software. You can redistribute it and/or modify it under the same terms as Perl itself.
|