luci: go.chromium.org/luci/common/data/text/sanitizehtml Index | Files

package sanitizehtml

import "go.chromium.org/luci/common/data/text/sanitizehtml"

Package sanitizehtml implements a sanitizer of a very limited HTML. See Sanitize comment.

Index

Package Files

sanitize.go

func Sanitize Uses

func Sanitize(w io.Writer, r io.Reader) (err error)

Sanitize strips all HTML nodes except allowed ones.

Unless explicitly specified, attributes are stripped. Allowed elements:

- p, br, hr
- h1, h2, h3, h4, h5, h6
- strong, em
- a
  - if href attribute is not a valid absolute HTTP(s) link, it is replaced
    with an innocuous one.
  - alt attribute is allowed
- ul, ol, li
- code, pre

Elements <script> and <style> are ignored entirely. For all other HTML nodes, Sanitize ignores the node, but visits its children.

Package sanitizehtml imports 6 packages (graph) and is imported by 2 packages. Updated 2019-10-21. Refresh now. Tools for package owners.