class Sanitize
def self.clean(html, config = {})
Returns a sanitized copy of _html_, using the settings in _config_ if
def self.clean(html, config = {}) Sanitize.new(config).clean(html) end
def self.clean!(html, config = {})
Performs Sanitize#clean in place, returning _html_, or +nil+ if no changes
def self.clean!(html, config = {}) Sanitize.new(config).clean!(html) end
def self.clean_document(html, config = {})
the default fragment parser. This will add a DOCTYPE and html tag
Performs a Sanitize#clean using a full-document HTML parser instead of
def self.clean_document(html, config = {}) Sanitize.new(config).clean_document(html) end
def self.clean_document!(html, config = {})
Performs Sanitize#clean_document in place, returning _html_, or +nil+ if no
def self.clean_document!(html, config = {}) Sanitize.new(config).clean_document!(html) end
def self.clean_node!(node, config = {})
def self.clean_node!(node, config = {}) Sanitize.new(config).clean_node!(node) end
def clean(html)
def clean(html) if html dupe = html.dup clean!(dupe) || dupe end end
def clean!(html, parser = Nokogiri::HTML::DocumentFragment)
Performs clean in place, returning _html_, or +nil+ if no changes were
def clean!(html, parser = Nokogiri::HTML::DocumentFragment) fragment = parser.parse(html) clean_node!(fragment) output_method_params = {:encoding => @config[:output_encoding], :indent => 0} if @config[:output] == :xhtml output_method = fragment.method(:to_xhtml) output_method_params[:save_with] = Nokogiri::XML::Node::SaveOptions::AS_XHTML elsif @config[:output] == :html output_method = fragment.method(:to_html) else raise Error, "unsupported output format: #{@config[:output]}" end result = output_method.call(output_method_params) return result == html ? nil : html[0, html.length] = result end
def clean_document(html)
def clean_document(html) unless html.nil? clean_document!(html.dup) || html end end
def clean_document!(html)
def clean_document!(html) if !@config[:elements].include?('html') && !@config[:remove_contents] raise 'You must have the HTML element whitelisted to call #clean_document unless remove_contents is set to true' # otherwise Nokogiri will raise for having multiple root nodes when # it moves its children to the root document context end clean!(html, Nokogiri::HTML::Document) end
def clean_node!(node)
def clean_node!(node) raise ArgumentError unless node.is_a?(Nokogiri::XML::Node) node_whitelist = Set.new unless @transformers[:breadth].empty? traverse_breadth(node) {|n| transform_node!(n, node_whitelist, :breadth) } end traverse_depth(node) {|n| transform_node!(n, node_whitelist, :depth) } node end
def initialize(config = {})
def initialize(config = {}) @config = Config::DEFAULT.merge(config) @transformers = { :breadth => Array(@config[:transformers_breadth].dup), :depth => Array(@config[:transformers]) + Array(@config[:transformers_depth]) } # Default depth transformers. These always run at the end of the chain, # after any custom transformers. @transformers[:depth] << Transformers::CleanComment unless @config[:allow_comments] @transformers[:depth] << Transformers::CleanCDATA << Transformers::CleanElement.new(@config) end
def transform_node!(node, node_whitelist, mode)
def transform_node!(node, node_whitelist, mode) @transformers[mode].each do |transformer| result = transformer.call({ :config => @config, :is_whitelisted => node_whitelist.include?(node), :node => node, :node_name => node.name.downcase, :node_whitelist => node_whitelist, :traversal_mode => mode }) if result.is_a?(Hash) && result[:node_whitelist].respond_to?(:each) node_whitelist.merge(result[:node_whitelist]) end end node end
def traverse_breadth(node, &block)
Performs breadth-first traversal, operating first on the root node, then
def traverse_breadth(node, &block) block.call(node) node.children.each {|child| traverse_breadth(child, &block) } end
def traverse_depth(node, &block)
Performs depth-first traversal, operating first on the deepest nodes in the
def traverse_depth(node, &block) node.children.each {|child| traverse_depth(child, &block) } block.call(node) end