NAME¶
MojoMojo::Formatter::Defang - Scrub user HTML and XSS
DESCRIPTION¶
This formatter makes sure only a safe range of tags are allowed, using
MojoMojo::Defang; It also tries to remove XSS attempts.
METHODS¶
format_content_order¶
Format order can be 1-99. The Defang formatter runs on 16, just after the main
formatter, in order to catch direct user input. Defang trusts the main
formatter and all subsequently ran plugins to not output unsafe HTML.
Callback for custom handling specific HTML tags
defang_url_callback¶
Callback for custom handling URLs in HTML attributes as well as
styletag/attribute declarations
defang_css_callback¶
Callback for custom handling style tags/attributes.
defang_attribs_callback¶
Callback for custom handling HTML tag attributes.
format_content¶
Calls the formatter. Takes a ref to the content as well as the context object.
SEE ALSO¶
MojoMojo, Module::Pluggable::Ordered, MojoMojo::Defang
AUTHORS¶
Marcus Ramberg <mramberg@cpan.org>
LICENSE¶
This library is free software. You can redistribute it and/or modify it under
the same terms as Perl itself.