class Sanitize::Policy::Whitelist

• Sanitize::Policy::Whitelist
• Sanitize::Policy
• Reference
• Object

Overview

This is a simple policy based on a tag and attribute whitelist.

This policy accepts only <div> and <p> tags with optional title attributes:

policy = Sanitize::Policy::Whitelist.new({
  "div" => Set{"title"},
  "p"   => Set{"title"},
})

The special * key applies to all tag names and can be used to allow global attributes:

This example is equivalent to the above. If more tag names were added, they would also accept title attributes.

policy = Sanitize::Policy::Whitelist.new({
  "div" => Set(String).new,
  "p"   => Set(String).new,
  "*"   => Set{"title"},
})

Attributes are always optional, so this policy won't enforce the presence of an attribute.

If a tag's attribute list is empty, no attributes are allowed for this tag.

Attribute values are not changed by this policy.

Direct Known Subclasses

• Sanitize::Policy::HTMLSanitizer

Defined in:

Constructors

• .new(accepted_attributes : Hash(String, Set(String)))

Instance Method Summary

• #accepted_attributes : Hash(String, Set(String))

  Mapping of accepted tag names and attributes.

• #accepted_attributes=(accepted_attributes : Hash(String, Set(String)))

  Mapping of accepted tag names and attributes.

• #global_attributes

  Short cut to accepted_attributes["*"].

• #transform_attributes(name : String, attributes : Hash(String, String)) : String | CONTINUE | STOP
• #transform_tag(name : String, attributes : Hash(String, String)) : String | CONTINUE | STOP

  Receives the element name and attributes of an opening tag and returns the transformed element name (usually the same as the input name).

• #transform_text(text : String) : String?

  Receives the content of a text node and returns the transformed content.

Constructor Detail

Instance Method Detail