class ReeText::SanitizeHtml
def call(html, prune: false, **opts)
# Sanitizes an HTML string against a tag/attribute safelist and returns the
# re-serialized markup encoded as UTF-8.
#
# Security notes for callers:
# * `:tags` / `:attributes` in +opts+ REPLACE the built-in safelists
#   (ALLOWED_TAGS / ALLOWED_ATTRIBUTES); they are not merged with them. The
#   safelist is therefore only as strict as what the caller passes, so build
#   it from trusted, static configuration rather than from request data.
# * Any truthy value selects the custom branch, so an empty array yields an
#   empty safelist rather than falling back to the defaults.
# * Only a custom tag list goes through remove_safelist_tag_combinations;
#   ALLOWED_TAGS is used as-is.
#
# @param html [String] markup to sanitize (treated as untrusted input)
# @param prune [Boolean] forwarded unchanged to PermitScrubber
#   (NOTE(review): its exact effect is defined by PermitScrubber, which is
#   not visible here)
# @param opts [Hash] overrides merged over DEFAULTS; `:tags` and
#   `:attributes` are the keys read by this method
# @return [String] sanitized markup
def call(html, prune: false, **opts)
  settings = DEFAULTS.merge(opts)
  custom_tags = settings[:tags]
  custom_attributes = settings[:attributes]

  permitted_tags =
    custom_tags ? remove_safelist_tag_combinations(Set.new(custom_tags)) : ALLOWED_TAGS

  permitted_attributes =
    if custom_attributes
      # Copy into a fresh Set so the caller's collection is never shared.
      Set.new(custom_attributes)
    else
      ALLOWED_ATTRIBUTES
    end

  fragment = Loofah.fragment(html)
  scrubber = PermitScrubber.new(
    prune: prune,
    tags: permitted_tags,
    attributes: permitted_attributes
  )

  # scrub! mutates the parsed fragment in place before it is serialized.
  fragment.scrub!(scrubber)
  properly_encode(fragment, encoding: 'UTF-8')
end
def loofah_using_html5?
# Reports whether the loaded Loofah exposes `html5_mode?` and has it enabled.
#
# Returns false when Loofah does not respond to `html5_mode?`, so the caller
# falls back to the more conservative non-HTML5 handling.
#
# @return [Boolean] result of Loofah.html5_mode?, or false if unsupported
def loofah_using_html5?
  # future-proofing, see https://github.com/flavorjones/loofah/pull/239
  return false unless Loofah.respond_to?(:html5_mode?)

  Loofah.html5_mode?
end
def properly_encode(fragment, options)
# Serializes the scrubbed fragment, choosing the serializer that matches the
# document type so the output is written in the format it was parsed as.
#
# @param fragment [#xml?, #to_xml, #to_html] parsed (and already scrubbed) fragment
# @param options [Hash] serializer options, passed through untouched
#   (the only caller visible here supplies `encoding: 'UTF-8'`)
# @return [String] serialized markup
def properly_encode(fragment, options)
  return fragment.to_xml(options) if fragment.xml?

  fragment.to_html(options)
end
def remove_safelist_tag_combinations(tags)
# Drops "style" from a caller-supplied tag safelist when it is combined with
# "select" and Loofah is not running in HTML5 mode, because that pairing is
# treated as unsafe to allow together.
# NOTE(review): the parser behaviour behind this rule is not shown here;
# confirm against the Loofah / rails-html-sanitizer advisories.
#
# Caveats worth knowing when reviewing callers:
# * The removal is silent; nothing is logged when "style" is dropped.
# * +tags+ is mutated in place and the same object is returned. The caller
#   in this class passes a fresh Set, so user-owned collections are not touched.
# * Membership is tested against the String names "select" and "style";
#   entries of another type (e.g. Symbols) would not match this check, so
#   tag names should be validated as Strings before reaching this method.
#
# @param tags [Set<String>] tag safelist to normalise
# @return [Set<String>] the same collection, possibly without "style"
def remove_safelist_tag_combinations(tags)
  return tags if loofah_using_html5?
  return tags unless tags.include?("select") && tags.include?("style")

  tags.delete("style")
  tags
end