开发者

Escape HTML using a whitelist

问答 作者:

There are some very comfortable whitelist sanitizers for Ruby, but I can开发者_如何学Go't find a tool that does HTML escaping using a whitelist. All Ruby HTML escape libraries do only escape all HTML tags in a provided text. Is there a library that let me choose which tags to escape?

The Sanitize library you linked to supports custom configurations. See the "Custom Configuration" heading in the readme. The "elements" option sounds just like what you're looking for — you can specify an array of tags to allow.

  :elements => %w[
    a abbr b blockquote br cite code dd dfn dl dt em i kbd li mark ol p pre
    q s samp small strike strong sub sup time u ul var
  ]

继续阅读:escapingrubysanitization

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9