Questions tagged [sanitize]

Whitelist-based Ruby HTML and CSS sanitizer.

Sanitize is a whitelist-based HTML and CSS sanitizer. Given a list of acceptable elements, attributes, and CSS properties, Sanitize will remove all unacceptable HTML and/or CSS from a string.

Using a simple configuration syntax, you can tell Sanitize to allow certain HTML elements, certain attributes within those elements, and even certain URL protocols within attributes that contain URLs. You can also whitelist CSS properties, @ rules, and URL protocols you wish to allow in elements or attributes containing CSS. Any HTML or CSS that you don't explicitly allow will be removed.

Sanitize is based on Google's Gumbo HTML5 parser, which parses HTML exactly the same way modern browsers do, and Crass, which parses CSS exactly the same way modern browsers do. As long as your whitelist config only allows safe markup and CSS, even the most malformed or malicious input will be transformed into safe output.

411 questions
-2 votes, 4 answers

Rails ActiveRecord: Inserting text containing unprintable/weird characters

I am inserting some text from scraped web into my database. Some of the fields in the string have unprintable/weird characters. For example, if text is "C__O__?__P__L__E__T__E", then the text in the database is stored only as "C__O__". I know…
Ryan Oberoi
-2 votes, 1 answer

Perfect conversion from

I need to sanitize HTML in a WYSIWYG editor. The output must not contain any
s. All
elements must be replaced with
elements. This original text MUST render the same as the sanitized text. This is my attempt so far (notice the…
-2 votes, 2 answers

How can you allow <3 or any tag < any character not ending with < or > sanitize

sanitize("hello") => hello, but if I have sanitize("<3") it returns 3 only. I want it to allow the string if it does not end with < or >; for example, if I do sanitize("<3 >4") it should simply return <3 >4
userxyz
-3 votes, 2 answers

How can I sanitise input for a hash converter in PHP?

I have made a website that generates hashes from users inputting plain text. A user can enter a word/phrase and select from MD5 or SHA1 (or both). The site then takes this input and converts it into MD5 & SHA1 and stores it in a database, then…
crhodes
-4 votes, 1 answer

PHP: recursively remove brackets from filenames in directory and all sub directories

I'm having an issue getting rid of brackets in uploaded files in a system. I'm able to remove the brackets in the files of a single directory but I'm struggling to get this working recursively in the sub directories of the same folder. I'm using…