Comments (7)
This sounds a lot like https://github.com/straight-shoota/sanitize
I published this as a shard for independent development and because of its complexity. I could see this shard (or a similar implementation) becoming a part of stdlib if we consider the use case to be very common. It's certainly a very important feature when you're dealing with untrusted HTML content.
An important aspect to such a security component is auditing. It would be devastating if a sanitization library becomes a liability (like the Python XSS example). So far, I'm not aware that my shard has received any relevant peer review.
from crystal.
Absolutely excellent, and I wish I'd been able to come across that in my searches.
from crystal.
Yeah, I guess there are quite a lot different terms for this kind of thing. Probably because you can view and resolve the problem from different angles. So that's not ideal for search.
What did you look for and where? Maybe we can improve discoverability a bit.
from crystal.
I was focused on the keyword "striptags". I looked in the HTML parsing section of awesome-crystal, and I search github for lang:Crystal striptags
-- which is where I came across the inner-text pattern in crinja I referenced.
from crystal.
Thanks. lang:Crystal striptags
works now 😏
https://shardbox.org/categories/HTML_XML_Parsing would've brought you there as well.
from crystal.
I've forgotten about or never heard of shardbox.org, but that makes me realize that I would have found it with https://shards.info/search?query=html too.
from crystal.
this example also similar to strip tags: https://github.com/kostya/lexbor/blob/master/examples/texts.cr
from crystal.
Related Issues (20)
- Nilable `Proc` types inside libs
- Cannot return `Proc`s from top-level funs
- `ReferenceStorage(T)` is always atomic even when `T` isn't HOT 1
- Add `crystal tool method_types` for listing method parameter types HOT 4
- Passing nil to Addrinfo.getaddrinfo gives unexpected error message HOT 1
- Package installation fails on Windows due to missing SQLite3 .lib files HOT 2
- `File#truncate` raises `File::AccessDeniedError` on Windows when file was opened in append mode HOT 3
- Cache compiler results for tools
- Include more types in `crystal tool hierarchy` HOT 9
- `close_on_exec` on Windows HOT 2
- Pointer equality for `Slice` HOT 6
- Forbid variable assignment in function call HOT 4
- Captured block parameter not recognised when used inside macro HOT 2
- Internal error when using `sizeof` as generic type argument in inferred ivar type
- ECR escape sequences do not work with `-`
- Customizing or hiding `Benchmark.ips`'s output format HOT 3
- Adding a Difference method to the Math module HOT 4
- Visit the Time.local in the macro. HOT 5
- Add Makefile support `--mcpu=native` as override FLAGS to permit build crystal compiler can enable this option optional for a better performance. HOT 5
- Compiler should Emit Warning/Notes when Deduced Type Differs from Annotated Type. HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from crystal.